zuzu on 10 Jun 2009 19:40:13 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Pros and cons of key-pair based vs password based SSH... 

On Wed, Jun 10, 2009 at 8:21 PM, zuzu<sean.zuzu@gmail.com> wrote:
> The nice thing about key-based ssh logins is remote tab-completion.
> (e.g. tab-completing an scp command)

dug this out of my archives:

ssh-keychain:
http://www.gentoo.org/proj/en/keychain/index.xml

http://www-128.ibm.com/developerworks/linux/library/l-keyc.html
http://www-128.ibm.com/developerworks/linux/library/l-keyc2/

> On 6/10/09, Fred Stluka <fred@bristle.com> wrote:
>> Linux experts,
>>
>> Any thoughts on the pros and cons of key-pair based vs password
>> based SSH access?
>>
>> If my server's /etc/ssh/sshd_config file has the line:
>>     PasswordAuthentication no
>> I can't login via ssh using a password.  I have to instead use
>> a key-pair, which is stored in a file on the client.  This is
>> more secure.
>>
>> However, then I can only ssh from client machines where I have
>> a copy of the key-pair file, right?
>>
>> For the ability to ssh from any client machine, without having
>> to carry my key-pair file on a USB drive or something, is it
>> reasonable to just change the server's config file to say:
>>     PasswordAuthentication yes
>>
>> Or is there a more secure way to get this convenience?
>>
>> Thanks!
>> --Fred
>> ---------------------------------------------------------------------
>> Fred Stluka -- mailto:fred@bristle.com -- http://bristle.com/~fred/
>> Bristle Software, Inc -- http://bristle.com -- Glad to be of service!
>> ---------------------------------------------------------------------
>>
>>
>> ___________________________________________________________________________
>> Philadelphia Linux Users Group         --        http://www.phillylinux.org
>> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
>> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>>
>
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug