6 May
2006
6 May
'06
12:27 p.m.
Eric Dondelinger a écrit :
Hi,
On Fri, May 05, 2006 at 04:15:44PM +0200, Brent Frere wrote:
I won't be more explicit on the way I use this feature, as I don't want
to disclose my employer security habits, but could you be more explicit
about your idea implying ssh-agent ?
Thank you.
--
Brent Frère
Private e-mail: Brent(a)BFrere.net
Postal address: 58, rue d'Esch
L-3720 Rumelange
Grand-Duchy of Luxembourg
European Union
Mobile: +352-021/29.05.98
Fax: +352-26.30.05.96
Home: +352-307.341
URL: http://BFrere.net
If you have problem with my digital signature, please install the appropriate authority
certificate by browsing https://www.cacert.org/certs/root.crt.
When you generated the key (id_rsa), you've
been prompted for a
passphrase, in order to avoid anybody discovering the file to gain
access as you would.
Now, you need to type in the passphrase to 'unlock' the key each time
you wish to use it. But you don't need anymore to enter a password to
gain access to the remote host.
If you don't want to have to enter such a passphrase, just avoid
entering any passphrase when generating the key.
... which of course is less than optimal from a security point
of view. If you managed a number of servers this way, it would
be sufficient for a cracker to get access to your single machine,
and he could play with all those servers.
Thus, depending on your needs, have a look at ssh-agent.