Herbert Xu wrote:
>
> On Sat, Feb 09, 2002 at 07:54:29PM -0500, Jeff Garzik wrote:
> > Herbert Xu wrote:
> > >
> > > Setup your key with an empty passphrase should do the trick.
> >
> > Ug. no. That is way way insecure.
> >
> > Most modern distros have an ssh-agent running as a parent of all
> > X-spawned processed (including processes spawned by xterms). So, one
> > only needs to run
> > ssh-add ~/.ssh/id_dsa ~/.ssh/identity
> > once, and input your password once. After that, no passwords are
> > needed.
>
> This is fine for interactive use. But for a daily cron job, it's
> just as insecure as no passphrases at all.
It is far easier to guess your private key with a blank passphrase.
Jeff
-- Jeff Garzik | "I went through my candy like hot oatmeal Building 1024 | through an internally-buttered weasel." MandrakeSoft | - goats.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Feb 15 2002 - 21:00:30 EST