How to remove "user at host's password" from ssh login prompt?
Karl Auer
kauer at biplane.com.au
Tue Sep 4 12:33:55 UTC 2018
On Tue, 2018-09-04 at 12:28 +0100, Colin Watson wrote:
> Ideally, I'd recommend just setting up public-key authentication to
> everything you use at all regularly.
Yes.
> public-key authentication is easier to use once you've set it up
> (since you won't be prompted at all) and generally safer if you trust
> your client.
Depends what you mean by "trust your client". If you do not use a
passphrase on your ssh keys, then anyone with your computer can log in
wherever those keys permit, without further ado. Or, if they steal or
otherwise obtain your private keys, they can do so from any computer.
Unless being used in automation (and then wrapped in other security
mechanisms), ssh keys should always have good solid passphrases.
And before some pimply security wonk tells me that passphrases aren't
secure - yes, they are, if you choose a nice long one. They are not AS
secure as the keys themselves, but they are a damn sight better than
nothing. ssh-agent will help you not have to enter it too often.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: A0CD 28F0 10BE FC21 C57C 67C1 19A6 83A4 9B0B 1D75
Old fingerprint: A52E F6B9 708B 51C4 85E6 1634 0571 ADF9 3C1C 6A3A
More information about the ubuntu-users
mailing list