Results 1 to 3 of 3
Hey, I was just wondering if people opted to password protect their RSA keys, or if they just left them raw. For me, I like to hope that I maintain ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 10-03-2012 #1
- Join Date
- Aug 2011
Password Protected RSA keys for ssh
Hey, I was just wondering if people opted to password protect their RSA keys, or if they just left them raw. For me, I like to hope that I maintain privacy over my linux machine (ones sneaked away in my basement, and the other is my laptop, at my side, with password protected encryption already applied to my home directory). That being the case, I just leave my rsa keys un-passworded and enjoy the reduced need for typing a password every time.
So what do you guys do? Also, what tools do you use for auditing passwords if you feel passwords protection is the best route to go?
- 10-03-2012 #2
It depends what you're using them for. As I use my keys for ssh login from the same bits of kit each time, I have no password protection on them. If I wanted to start using the keys on 3rd party machines, such as in cafes or motorway service stations I'd probably want a key with a password just in case my keys were inadvertently left on the public machine.Linux user #126863 - see http://linuxcounter.net/
- 10-03-2012 #3
A passphrase for a ssh private key is mandatory, at least at my workplace and in my opinion.
It adds a layer of security and buys time, in case the private key getīs exposed *somehow*.
As for the inconvenience of having to enter it each time: This is not the case, if you use ssh-agentYou must always face the curtain with a bow.