Problems with rsync over ssh
William Hooper
whooperhsd3 at earthlink.net
Thu Mar 30 14:31:37 UTC 2006
Les Mikesell wrote:
> On Thu, 2006-03-30 at 07:58, Anne Wilson wrote:
>
>>>
>>> If your ssh key has a passphrase, the only reason it works
>>> manually is that you have entered that passphrase previously and
>>> ssh-agent remembers it for you within that session. The cron job has
>>> no connection to that session and the agent wouldn't provide the
>>> passphrase even if it could. If you want it to run without entering
>>> the passphrase, make keys with an empty passphrase.
>>>
>> I see. Questions, then -
>>
>>
>> As this LAN is behind a hardware firewall, it's probably reasonably
>> safe, but what risk is there?
>
> The risk is that anyone who can copy your private key can
> pretend to be you for any service that depends on the matching public key.
> It is up to the filesystem permissions
> to protect it.
You can also set up the authorized_keys file so that the key is only valid
from certain hosts. See man sshd for the format.
--
William Hooper
More information about the fedora-list
mailing list