Re: [TriLUG] USB keychains and private keys

Fri, 16 Jul 2004 22:03:01 -0700 

I use a USB keychain to store my OpenSSH keys that I use on Linux and my
Mac. SSH always gripes about the damn file permissions so I just created
a shell function to take care of the problem for me. I don't have it on
hand, but it's something like:

sshforceadd() {
        local rc=1
        local file="$1"
        if [ -n "$file" -a -f "$file" ] ; then
                local bn=`basename "$file"`
                touch /var/tmp/$bn
                chmod 0600 /var/tmp/$bn
                cat "$file" > /var/tmp/$bn
                ssh-add /var/tmp/$bn ; rc=$?
                rm -f /var/tmp/$bn
        fi
        return $rc
}

This way I don't have to worry about the mount permissions.

-Weave
                

Joseph Mack NA3T [EMAIL PROTECTED] wrote on Thu, Jul 15, 2004 at 03:57:39AM -0700:
> I was thinking of getting a USB keychain flashcard to store (among other
> things) my private key(s). However ssh requires that your private key be
> 400. I assume the USB keychains are vfat, in which case you can only set
> the permissions to 444, and ssh won't accep the private key (tested on a
> vfat floppy).
> 
> Presumably I could put an ext3 file system on there, but then I won't be
> able to use the device to transfer files to a windows machine (which
> admittedly I don't do a whole lot, but would be useful to be able to do).
> 
> I understand that you're not supposed to reformat these devices a whole
> lot, and that you should use cramfs if you're going to reformat them.
> 
> Do people store their private keys on these USB keychains?
> 
> Can someone straighten me out?
> 
> Thanks Joe
> 
> -- 
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant map
> generator at http://www.wm7d.net/azproj.shtml
> Homepage http://www.austintek.com/ It's GNU/Linux!
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc

Attachment: pgp6RXodNqLRe.pgp
Description: PGP signature

-- 
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc

Reply via email to