[Techtalk] thoughts on OpenSSH key passphrase/ no passphrase
Mary
mary-linuxchix at puzzling.org
Mon Nov 28 08:04:09 EST 2005
On Sun, Nov 27, 2005, Carla Schroder wrote:
> Some folks think using public-key authentication without a passphrase
> is more secure that using it with a passphrase. Which does not make
> sense to me.
>
> Anyone have deep thoughts on the subject? Or even shallow ones.
I use passphrased keys for human logins, as in when I want to be able to
connect to a remote computer and run arbitary commands. I will sometimes
use passphrase-less keys for an automated user, for example a user that
runs backups, and will use the authorized_keys file to restrict them to
running the relevant command using command= and restrict the host they
can login from using from=. (For people interested, see the
"AUTHORIZED_KEYS FILE FORMAT" format of the sshd man page.)
-Mary
More information about the Techtalk
mailing list