[Q] SCP/SFTP batch file password problem?
Ed Wilts
ewilts at ewilts.org
Tue Aug 16 20:58:31 UTC 2005
On Tue, Aug 16, 2005 at 03:21:17PM -0500, Kelley.Coleman at med.va.gov wrote:
> Chris - What, if anything, would be the benefit of using a passphrase with
> ssh, if you were using it mainly for shell scripts? Does it affect the
> functionality of the script? I've set all my ssh connections up without a
> passphrase, but I was curious about it.
I've set mine up without a passphrase too but I'll take a shot at
answering your question. Basically, if somebody has access to your
private key, every system that you have access to is now theirs. This
could be your backup admin or anybody that gets a hold of your backup
tapes.
With a passphrase, the key by itself doesn't get them anything. They
need both pieces of information to get anything useful.
The rest that most people set up keys without passphrases is that
they're much easier to work with. The way I read the keychain
information, you get the security of a passphrase without the pain. You
only enter your passphrase once and the server hangs on to an open
session that you connect to.
.../Ed
--
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program
More information about the redhat-list
mailing list