[olug] SSH public/private keys

thehaas at binary.net thehaas at binary.net
Wed Nov 12 01:02:12 UTC 2003


On Tue, Nov 11, 2003 at 06:13:30PM -0600, Christopher Cashell wrote:
[snip] 
> Hrm. . . I think you're missing a step, here.  My experience is that you
> need to use ssh-agent[1] in order to bypass entering a password each
> time you login to a new machine.
[snip] 
>  [1] ssh-agent is like a password cache for SSH.  You start it up,
>      frequently as part of a login script, and then use 'ssh-add' to
>      tell it about an SSH key and the corresponding password.  From that
>      period on, any requests for that SSH key will be handled.
> 

Keychain is a good "manager" for ssh-agent -- you put it into your
.bashrc and it detects if you are running ssh-agent already on that
machine.  If you are, it latches on to that one, if not, you enter in
your password, etc. 

As far as security goes, it does eliminate the password on your private
key.  But if you have multiple logons to the same system, it can help you
with the hassle of typing in your password again and again (and lessening
the chance of having someone look over your shoulder to get your
password, etc.).

http://www.gentoo.org/proj/en/keychain.xml

-- 
Mike Hostetler          
thehaas at binary.net
http://users.binary.net/thehaas 
Stop Spam: http://wecanstopspam.org/

Maier's Law: If the facts don't conform to the theory, they must be    
disposed of.                                                            




More information about the OLUG mailing list