On private keys with or without passphrases: you have to choose your poison.
If you give your private key a passphrase, it is theoretically unusable without possession of the passphrase -- by intruders, but also by your server. You will have to have someone supply the passphrase before the protected service will be able to function. Every time you start it. Any scheme which attempts to supply the passphrase automatically is either equivalent to no passphrase or requires operator intervention at every startup. You cannot escape this. If you do not give your private key a passphrase, anyone who has access to the key will be able to use it. If an intruder has access to the key file, however, I think you have a much bigger problem. Many who have considered this problem have decided to: o go with no passphrase; o ensure that the key file has proper ownership and protection asserted, so that only trusted accounts have access; o control the use of trusted accounts; o control physical access to the machine. The last two are no special burden; we should all be doing those things anyway for other very good reasons. On Wed, Jun 18, 2008 at 03:17:44PM +1000, Gary Browne wrote: > Now if I could just figure out how to add a new page to > http://wiki.dspace.org ... anybody? http://www.mediawiki.org/wiki/Manual:FAQ#How_do_I_create_a_new_page.3F -- Mark H. Wood, Lead System Programmer [EMAIL PROTECTED] Typically when a software vendor says that a product is "intuitive" he means the exact opposite.
pgpD9KbTku279.pgp
Description: PGP signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
