@VM.MARIST.EDU
To: LINUX-390@VM.MARIST.EDU
Subject: Really silly SSH question.
Date: Thu, 14 Apr 2005 13:11:13 -0500
Just for grins and giggles, I created an SSH private key/public key
pair. I can now use PuTTY to logon to Linux without using my Linux
password. Instead, I must use a Passphrase. What
On Thu, Apr 14, 2005 at 01:11:13PM -0500, McKown, John wrote:
| Just for grins and giggles, I created an SSH private key/public key
| pair. I can now use PuTTY to logon to Linux without using my Linux
| password. Instead, I must use a Passphrase. What have I gained? I did
| replace my password
The most significant thing imho is that you separate authentication
(by showing your private key) and access control (the system holding a
list of public keys that are valid for access). You only need one
passphrase to decode your private key and can use that for all systems
that you logon to,
Just for grins and giggles, I created an SSH private key/public key
pair. I can now use PuTTY to logon to Linux without using my Linux
password. Instead, I must use a Passphrase. What have I gained? I did
replace my password with a passphrase, but how is that more secure? I
don't see a way to say:
I have never tried this, but I believe if you don't specify a
passphrase your private key is not encrypted on the HD and you won't
be prompted for it.
Have you tried generating a pair without giving a passphrase?
Rod
On 4/14/05, McKown, John [EMAIL PROTECTED] wrote:
Just for grins and giggles,
-Original Message-
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On
Behalf Of Rod Clayton
Sent: Thursday, April 14, 2005 1:24 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: Really silly SSH question.
I have never tried this, but I believe if you don't specify a
passphrase
Hi,
On 4/14/05, McKown, John [EMAIL PROTECTED] wrote:
password. Instead, I must use a Passphrase. What have I gained? I did
replace my password with a passphrase, but how is that more secure? I
A passphrase is a password to access your private LOCAL key.
The passph is used locally to access
.
Mark Post
-Original Message-
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of
McKown, John
Sent: Thursday, April 14, 2005 1:11 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Really silly SSH question.
Just for grins and giggles, I created an SSH private key/public key pair. I
this information then you
will need to type something every time.
-Original Message-
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] Behalf Of
McKown, John
Sent: Thursday, April 14, 2005 11:28 AM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: Really silly SSH question.
-Original Message
*** Reply to note of Thu, 14 Apr 2005 13:11:13 -0500 (EST/CDT)
*** by LINUX-390@VM.MARIST.EDU
You would add your passphrase to PuTTY's pagent?
Sal
McKown, John [EMAIL PROTECTED] writes:
Just for grins and giggles, I created an SSH private key/public key
pair. I can now use PuTTY to logon to
On Apr 14, 2005, at 1:11 PM, McKown, John wrote:
Just for grins and giggles, I created an SSH private key/public key
pair. I can now use PuTTY to logon to Linux without using my Linux
password. Instead, I must use a Passphrase. What have I gained? I did
replace my password with a passphrase, but
-Original Message-
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On
Behalf Of Fargusson.Alan
Sent: Thursday, April 14, 2005 1:36 PM
To: LINUX-390@VM.MARIST.EDU
Subject: Re: Really silly SSH question.
I see a flaw in your logic here. If you don't want to type
anything
Subject: Re: Really silly SSH question.
-snip-
Now to see how to setup SSH on the server to disallow passwords, as
indicated in another message.
--
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL
- Original Message -
From: McKown, John [EMAIL PROTECTED]
To: LINUX-390@VM.MARIST.EDU
Sent: Thursday, April 14, 2005 2:11 PM
Subject: Really silly SSH question.
Just for grins and giggles, I created an SSH private key/public key
pair. I can now use PuTTY to logon to Linux without using
For added security you can also have your key on a physical smart card
(in that case you need a card reader on your PC). Then a cracker will
need both your card and the passph.
This is a great way to use small-size USB memory drives, BTW.
If you're clever about it, you can also store other
Instead, I must use a Passphrase. What have I gained?
John ...
I'm not a security expert,
but I believe those who are would put it something like this:
You have more security now because there are TWO things required
for you to connect to the remote system: what you KNOW (same as
If you use PuTTY on Windows you can install Pageant (this is included in
the installer package), and load your key (and type your passpharse) only
_one time_ (when Pageant is running), and than you can logon to every
system without passwords.
Linux on 390 Port LINUX-390@VM.MARIST.EDU rta
17 matches
Mail list logo