Security Basics mailing list archives
Re: SSH Passphrase
From: Devdas Bhagat <dvb () users sourceforge net>
Date: Thu, 6 Mar 2003 03:58:13 +0530
On 05/03/03 23:06 +0200, Stefan Lesicnik wrote:
I have accomplished this by generating a dsa key without a passphrase. Although this works I am worried about the security concerns of doing this? (Without a passphrase, how does it authenticate? Based on the machines dsa key which was made from machine specific entropy?)
The machine keys authenticate hosts. The user keys you generated authenticate users (in this case, the user your script runs as).
I know of programs such as ssh-agent, but these require you to enter a passphrase at the beginning of the session which it then remembers, this isnt possible as it is non-interactive in my case. Does anyone have any ideas or comments?
You need to give the passphrase once at boot. Devdas Bhagat
Current thread:
- Re: Outlook web access rogue (Mar 03)
- <Possible follow-ups>
- Re: Outlook web access i.t (Mar 03)
- SSH Passphrase Stefan Lesicnik (Mar 05)
- RE: SSH Passphrase Michael Cunningham (Mar 06)
- RE: SSH Passphrase Michael Sconzo (Mar 06)
- Re: SSH Passphrase Devdas Bhagat (Mar 06)
- Re: SSH Passphrase David M. Fetter (Mar 06)
- Re: SSH Passphrase Janus N. (Mar 07)
- Re: SSH Passphrase Johan De Meersman (Mar 08)
- SSH Passphrase Stefan Lesicnik (Mar 05)
- Re: Outlook web access Devdas Bhagat (Mar 03)
- Re: Outlook web access Nuzman (Mar 04)
- Re: Outlook web access Chris Travers (Mar 03)
- RE: Outlook web access CHRIS GRABENSTEIN (Mar 03)
- RE: Outlook web access Jennifer Fountain (Mar 03)
- Re: Outlook web access David Glosser (Mar 05)
- Re: Outlook web access Mark Ng (Mar 06)
- Re: Outlook web access David Glosser (Mar 05)
(Thread continues...)