> [: Tom Albers :] > [...] If you don't completely trust a certain computer, you might not use > your ssh key which gives you access to other important machines, but > rather use a second key on those machines for example. One that can be > replaced easily if compromised.
> [: Sitaram Chamarty :] > [...] suppose my laptop is stolen and broken into (due to physical access > and un-encrypted home partition let's say). When I discover that, I have > to not only pull those keys out from all the servers to which that private > key gives access, (which I have to do in any case) but I now additionally > have to regenerate new keys on all the other machines and submit them. Thanks for the illustrative examples. I now see how per-machine keys don't change the security picture, and yet can provide for less access downtime. -- Chusslove Illich (Часлав Илић)
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Kde-scm-interest mailing list [email protected] https://mail.kde.org/mailman/listinfo/kde-scm-interest
