[Techtalk] ssh with no password (the debian way?)
Mary
mary-linuxchix at puzzling.org
Tue Mar 2 12:46:39 EST 2004
On Mon, Mar 01, 2004, Angelina Carlton wrote:
> Why didnt I just hit enter to get a blank passphrase during the
> ssh-keygen session? Because everyone tells me thats a no-no
You can do this, but if anyone gets hold of your private key they can
log into any host that you put your public key on. Private key theft is
pretty common if a box gets hacked these days, think about whether
you're prepared to accept the worse case scenario before making this
tradeoff.
However, if you do want to have an empty passphrase, use "ssh-keygen -p"
on your existing private key file.
> I dont know then what the correct way on Debian is for this procedure.
The alternative is to use ssh-agent. I don't know it that well, but I
think the man page was reasonably helpful.
The man page says:
ssh-agent is a program to hold private keys used for public key
authentication (RSA, DSA). The idea is that ssh-agent is started
in the beginning of an X-session or a login session, and all other
windows or programs are started as clients to the ssh-agent
program. Through use of environment variables the agent can be
located and automatically used for authentication when logging in
to other machines using ssh(1).
-Mary
More information about the Techtalk
mailing list