On Sunday, March 12, 2017 at 5:17:39 PM UTC-4, cooloutac wrote: > On Sunday, March 12, 2017 at 5:16:00 PM UTC-4, cooloutac wrote: > > On Sunday, March 12, 2017 at 11:00:21 AM UTC-4, [email protected] wrote: > > > What is the best way to handle ssh in Qubes? > > > > > > I have a set of machines I often log in to remotely, and I want to make > > > sure the sessions (as well as the private keys) are protected from > > > vulnerabilities in other applications. > > > > > > Currently I have set of a dedicates ssh qube from which I run all my ssh > > > sessions. I've also set its firewall to only allow access to the machines > > > I normally connect to. > > > > > > Is there a better way to handle this? Ideally, I'd like to be able to use > > > dispvms for ssh, but how would I handle the private keys? > > > > > > How do other people do this? > > > > > > Regards, > > > Elias > > > > I do it same as you, a seperate qube allowed only access to the server I > > ssh into. I use regular ssh command from terminal. You can save key or > > password in vault vm if you want and copy and paste it. But I don't bother > > cause I have it in .ssh folder anyways. > > if you want to use the key in adispvm folder you can probably put it in the > internal dvm.
I wouldn;t want to do this though cause iI use dispvm for untrusted tasks and wouldn't want key in there. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/91d19e91-9b5a-46d5-9c21-71faee2db26f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
