BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] ssh keys question
- Subject: [Discuss] ssh keys question
- From: richb at pioneer.ci.net (Rich Braun)
- Date: Fri, 17 Jun 2016 11:20:48 -0700
- In-reply-to: <mailman.11.1466179204.26887.discuss@blu.org>
- References: <mailman.11.1466179204.26887.discuss@blu.org>
What I do to reduce odds of lockout when I'm traveling is this: accept passwordless ssh first, and if that fails, fall back on 2-factor auth (password + Google Authenticator). I could still get locked out if my phone/laptop both get stolen, but in that case I can retrieve the ssh private key from an encrypted locker in the cloud someplace (protected by a different, memorized passphrase). You should also encrypt your private key with a passphrase, using 'ssh-keygen -p'. The ssh-agent allows you to use it repeatedly for the duration of a session without having to retype the password multiple times. I often wish sudo had functionality similar to ssh-agent: a way to require a token established at session start, rather than a password entered every time. -rich
- Follow-Ups:
- [Discuss] ssh keys question
- From: kentborg at borg.org (Kent Borg)
- [Discuss] ssh keys question
- From: kentborg at borg.org (Kent Borg)
- [Discuss] ssh keys question
- From: smallm at sdf.org (Mike Small)
- [Discuss] ssh keys question
- From: me at mattgillen.net (Matthew Gillen)
- [Discuss] ssh keys question
- Prev by Date: [Discuss] ssh keys question
- Next by Date: [Discuss] ssh keys question
- Previous by thread: [Discuss] ssh keys question
- Next by thread: [Discuss] ssh keys question
- Index(es):
