Hi, I've always used password-protected ssh keys, with ssh-agent, and in recent year, I've been using full disk encryption as well. I'm wondering if there's some redundancy here, and if using FDE nullifies the need for password-protecting the keys, or if there's some attack vector I'm no considering.
Keep in mind that I using ssh-agent, and unlock the keys usually as a first action after startup (I guess *not* using ssh-agent completely changes the scenario). Thanks, -- Hugo Osvaldo Barrera
