[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problems with rsync over ssh



Les Mikesell wrote:
> On Thu, 2006-03-30 at 07:58, Anne Wilson wrote:
>
>>>
>>> If your ssh key has a passphrase, the only reason it works
>>> manually is that you have entered that passphrase previously and
>>> ssh-agent remembers it for you within that session.  The cron job has
>>> no connection to that session and the agent wouldn't provide the
>>> passphrase even if it could.   If you want it to run without entering
>>> the passphrase, make keys with an empty passphrase.
>>>
>> I see.  Questions, then -
>>
>>
>> As this LAN is behind a hardware firewall, it's probably reasonably
>> safe, but what risk is there?
>
> The risk is that anyone who can copy your private key can
> pretend to be you for any service that depends on the matching public key.
> It is up to the filesystem permissions
> to protect it.

You can also set up the authorized_keys file so that the key is only valid
from certain hosts.  See man sshd for the format.


-- 
William Hooper


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]