Security Basics mailing list archives
RE: SSH Passphrase
From: Michael Cunningham <crayola () optonline net>
Date: Wed, 05 Mar 2003 19:49:06 -0500
I have accomplished this by generating a dsa key without a passphrase. Although this works I am worried about the security concerns of doing this? (Without a passphrase, how does it authenticate? Based on the machines dsa key which was made from machine specific entropy?)
It doesn't really authenticate. If you have access to that account on the server you are scping from, then you can login into the other box as well as that account. If you need a non interactive file transfer or login, then you are going to have to make some security concessions. I would suggest this.. http://www.sublimation.org/scponly/ It should help a little bit. And scp is definitely a lot better then rcp.. Mike -- Michael J. Cunningham (CISSP, SCNA, SCSA, CCSA)
Current thread:
- Re: Outlook web access rogue (Mar 03)
- <Possible follow-ups>
- Re: Outlook web access i.t (Mar 03)
- SSH Passphrase Stefan Lesicnik (Mar 05)
- RE: SSH Passphrase Michael Cunningham (Mar 06)
- RE: SSH Passphrase Michael Sconzo (Mar 06)
- Re: SSH Passphrase Devdas Bhagat (Mar 06)
- Re: SSH Passphrase David M. Fetter (Mar 06)
- Re: SSH Passphrase Janus N. (Mar 07)
- Re: SSH Passphrase Johan De Meersman (Mar 08)
- SSH Passphrase Stefan Lesicnik (Mar 05)
- Re: Outlook web access Devdas Bhagat (Mar 03)
- Re: Outlook web access Nuzman (Mar 04)
- Re: Outlook web access Chris Travers (Mar 03)
- RE: Outlook web access CHRIS GRABENSTEIN (Mar 03)
- RE: Outlook web access Jennifer Fountain (Mar 03)
(Thread continues...)