>>>>> "TW" == Thomas Wouters <thomas@xs4all.net> writes:
TW> And that's perfectly sensible. I'm not a crypto-junkie in any
TW> way, but using ssh with non-passphrase-protected is dangerous
TW> stuff. We do use it, at XS4ALL, actually, for scripts to
TW> execute commands on remote machines, but we do it with
TW> seperate keysets, and restricted per host.
Right, that's the way to do it. Remember that you can have multiple
keypairs associated with your shell account, so if you /really/ wanted
to do this (and I don't suggest it), then generate a new keypair,
leave the new private key unpassphrase protected, and upload the new
keypair to SF. Use this keypair only for SF so if it's cracked your
exposure is minimized.
As paranoid as I am, I usually generate new keypairs when I travel
with my ssh client. I use that keypair only for that trip and discard
it when I get back.
-Barry
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4