Paul Romero wrote: > How do you recommend protecting private keys in an automated > environment ?
It's very straightforward. Move them as far away from the application as possible. The first step is to use an agent process. Protected mode, MMUs and the operating system offers some protection from errors in the libssh2 application. Next step is to make sure that the agent runs as a distinct user in the OS, which gets you more protection at the kernel level. A further step might be to move the key into dedicated hardware such as a smart card or crypto token. //Peter _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
