[19862] in North American Network Operators' Group
Re: Remote Shell
daemon@ATHENA.MIT.EDU (Ingo Luetkebohle)
Tue Sep 29 10:50:14 1998
Date: Tue, 29 Sep 1998 11:33:50 +0200 (MET DST)
From: Ingo Luetkebohle <ingo@devconsult.de>
To: "Adam D. McKenna" <adam@flounder.net>
cc: mzac@uunet.ca, "Roeland M.J. Meyer" <rmeyer@mhsc.com>,
Benicio Miguel Sanchez Fuentes <bsanchez@alestra.com.mx>,
NorthAm Net Ops Grp List <nanog@merit.edu>
In-Reply-To: <094b01bdeb68$4d625ce0$1d01a8c0@fishtank>
On Tue, 29 Sep 1998, Adam D. McKenna wrote:
> This will work if you have no passphrase on your RSA key. This is a *really*
> stupid thing to do, IMHO, especially to a root account, as anyone who manages
> to get access to your ~/.ssh/identity file will be able to log into any host
> that you have set this up on, without a password. While it's a little more
> secure than .rhosts authentication, the absence of any kind of
> password/passphrase validation makes it (again IMHO) an undesirable option for
> the security conscious.
Well, you can use ssh-agent. Then its rsh equivalent and your identity is
still protected.
---Ingo Luetkebohle, CTO
dev/consulting Gesellschaft fuer Netzwerkentwicklung und -beratung mbH
url: http://www.devconsult.de/ - fon: 0521-1365800 - fax: 0521-1365803
