On Tuesday, January 21, 2003, at 03:00 PM, Bob Willcox wrote:

On Tue, Jan 21, 2003 at 02:38:33PM -0800, Michael K. Smith wrote:

Did you create your keys with no passwords, as in "ssh-keygen -t dsa"
then just hit return a couple of times instead of giving a password?
No, I didn't try that yet...just did now and it works! Great! :-) What
is the downside (if any) to not specifying a passphrase?
Well, if someone got your private keys without a password, they could use them to log in all over your network using just the scenario you are using now. That's one reason to have rwx for the user only on the .ssh directory. But, I think the likelihood of this is fairly small (famous last words, I know).


------------------------------------------------------------------------ --
Michael K. Smith NoaNet
206.219.7116 (work) 206.579.8360 (cell)
[EMAIL PROTECTED] http://www.noanet.net

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to