Comments on: Secure SSH, CVS, SCP without Password Prompt http://martin.ankerl.com/2005/09/22/secure-ssh-cvs-scp-without-password-prompt/ No movement is faster than no movement Wed, 01 Sep 2010 15:03:12 +0000 hourly 1 http://wordpress.org/?v=abc By: Masked Phrogg http://martin.ankerl.com/2005/09/22/secure-ssh-cvs-scp-without-password-prompt/comment-page-1/#comment-5622 Masked Phrogg Sun, 01 Mar 2009 00:02:49 +0000 http://martin.ankerl.com/?p=28#comment-5622 Ah ha! I'm coming a bit late to this party :) Always wondered what was meant by keyed entry aka passwordless entry via ssh. Thanx for the clue :-o I don't do anything "mission critical" and the password request does get to be a nuisance at times. Now to figure out how to keep some keys on local fs and some keys on transient storage (aka usb Storage unit) Ah ha!
I’m coming a bit late to this party :)
Always wondered what was meant by keyed entry aka passwordless entry via ssh.
Thanx for the clue :-o
I don’t do anything “mission critical” and the password request does get to be a nuisance at times. Now to figure out how to keep some keys on local fs and some keys on transient storage (aka usb Storage unit)

]]> By: Martin Carpella http://martin.ankerl.com/2005/09/22/secure-ssh-cvs-scp-without-password-prompt/comment-page-1/#comment-20 Martin Carpella Fri, 13 Jul 2007 07:26:21 +0000 http://martin.ankerl.com/?p=28#comment-20 Yes of course, you are right about this. Given you notice the theft. Ok, I agree, I am just a little bit over-cautious here (others may also call it paranoia ;-)). Yes of course, you are right about this. Given you notice the theft. Ok, I agree, I am just a little bit over-cautious here (others may also call it paranoia ;-) ).

]]> By: Martin Ankerl http://martin.ankerl.com/2005/09/22/secure-ssh-cvs-scp-without-password-prompt/comment-page-1/#comment-19 Martin Ankerl Thu, 12 Jul 2007 11:04:13 +0000 http://martin.ankerl.com/?p=28#comment-19 Hi Capi! I don't see much of a security problem here. When the private key is stolen, the server can easily revoke the access rights for that user. Hi Capi! I don’t see much of a security problem here. When the private key is stolen, the server can easily revoke the access rights for that user.

]]> By: Martin Carpella http://martin.ankerl.com/2005/09/22/secure-ssh-cvs-scp-without-password-prompt/comment-page-1/#comment-18 Martin Carpella Thu, 12 Jul 2007 10:44:08 +0000 http://martin.ankerl.com/?p=28#comment-18 Hi, I know this is a rather old article, but I just found it on your "Top 10". I'd strongly recommend against using password-less private keys, as stealing the key also means stealing the ability to login to the other remote systems. I, for myself, use passwords for keys, and use tools like pageant (for PuTTY/Win32) and Gentoo Keychain. This allows me to have to just type in the key once per reboot. This is especially useful if you are using tools that depend on automatic login (like unison for instance). Best regards, Martin Hi, I know this is a rather old article, but I just found it on your “Top 10″.

I’d strongly recommend against using password-less private keys, as stealing the key also means stealing the ability to login to the other remote systems. I, for myself, use passwords for keys, and use tools like pageant (for PuTTY/Win32) and Gentoo Keychain. This allows me to have to just type in the key once per reboot. This is especially useful if you are using tools that depend on automatic login (like unison for instance).

Best regards,
Martin

]]>