Utility to scan for unpassworded SSH privkeys?
Dan Kaminsky
dan at doxpara.com
Fri May 24 11:41:44 EST 2013
Some being the operative word.
(And no, not crapping on good work. Prepping to do quite a bit *more*
work.)
On Thu, May 23, 2013 at 6:32 PM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Thu, May 23, 2013 at 05:39:56PM -0700, Dan Kaminsky wrote:
> > Effectively nobody passphrases their ssh keys. They're used as a way
> > to *suppress* password entry in the real world -- use this, and things
> > just work rather than poking you each time.
>
> Well some people do use ssh-agent or equivalent so the key is at least
> encrypted on disk.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>
More information about the openssh-unix-dev
mailing list