From: Bruce M Simpson (bmsspc.org)
Date: Tue Mar 05 2002 - 06:06:10 CST


    On Tue, Feb 05, 2002 at 02:26:58PM +0000, Rasputin wrote:
    > * Michael Vince <michaelroq.com> [020205 08:05]:
    > > I just wanted to know how dangerous are ssh keys with no password phrases?
    > You need to keep them safe, since any old monkey can use them to get into
    > boxes as you (although you can restrict that slightly - see the AUTHORIZED_KEYS
    > part in sshd(8))

    Generally I keep my SSH keys and personal X.509 certs on a floppy which is
    carried on my person at all times, although I am shortly going to be converting
    to either Memory Stick or CompactFlash now that readers (and media) are so
    easily available.

    Passwords are important - always keep physical control over your keys. Keeping
    them encrypted with IDEA is an important time-buying measure if you do lose
    them, unless the password is also compromised (careless!), in which case
    you lose all security.

    I find it helpful to use multiple SSH keys for different domains of trust,
    i.e. never mix business with pleasure.

    BMS
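
Added example, not part of the original message: a Python check for the risk discussed in this thread, reporting which private key files are stored without a passphrase. It covers the PEM-armoured formats OpenSSH writes today (openssh-key-v1, legacy PEM, PKCS#8) rather than the older SSH1 binary format; the sample keys are constructed stand-ins with no key material, and all function names are hypothetical.

```python
import base64

MAGIC = b"openssh-key-v1\x00"  # AUTH_MAGIC from OpenSSH's PROTOCOL.key

def _read_string(buf, off):
    """Read one SSH wire string: uint32 big-endian length, then the bytes."""
    n = int.from_bytes(buf[off:off + 4], "big")
    if off + 4 > len(buf) or off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n]

def key_is_encrypted(text):
    """True if the private key is passphrase-protected, False if in the clear."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) < 3 or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-armoured private key")
    label = lines[0][len("-----BEGIN "):].rstrip("-").strip()
    if label == "ENCRYPTED PRIVATE KEY":   # PKCS#8, encrypted
        return True
    if label == "PRIVATE KEY":             # PKCS#8, clear
        return False
    if label == "OPENSSH PRIVATE KEY":     # cipher name follows the magic
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            raise ValueError("bad OpenSSH key magic")
        return _read_string(blob, len(MAGIC)) != b"none"
    if label.endswith(" PRIVATE KEY"):     # legacy RSA/DSA/EC PEM headers
        return any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln
                   for ln in lines[1:3])
    raise ValueError("unrecognised key type: " + label)

def _sample_openssh(cipher):
    """Constructed header-only blob (no key material), openssh-key-v1 layout."""
    body = MAGIC + len(cipher).to_bytes(4, "big") + cipher
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(body).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

# Constructed samples standing in for files under ~/.ssh
SAMPLES = {
    "id_clear": _sample_openssh(b"none"),
    "id_protected": _sample_openssh(b"aes256-ctr"),
    "legacy_clear": "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n",
    "legacy_protected": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                        "DEK-Info: AES-128-CBC,00\nAAAA\n-----END RSA PRIVATE KEY-----\n",
}

def unprotected(samples):
    """Names of the keys that anyone holding the file could use as-is."""
    return sorted(n for n, t in samples.items() if not key_is_encrypted(t))
```
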
