Problems with rsync over ssh
Les Mikesell
lesmikesell at gmail.com
Thu Mar 30 14:10:12 UTC 2006
On Thu, 2006-03-30 at 07:58, Anne Wilson wrote:
> >
> > If your ssh key has a passphrase, the only reason it works
> > manually is that you have entered that passphrase
> > previously and ssh-agent remembers it for you within
> > that session. The cron job has no connection to that
> > session and the agent wouldn't provide the passphrase
> > even if it could. If you want it to run without entering
> > the passphrase, make keys with an empty passphrase.
> >
> I see. Questions, then -
>
> As this LAN is behind a hardware firewall, it's probably reasonably safe, but
> what risk is there?
The risk is that anyone who can copy your private key can
pretend to be you for any service that depends on the
matching public key. It is up to the filesystem permissions
to protect it.
> I presume that I will have to remove the keys presently installed?
Yes. There is not much point in keeping the other set around.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list