Wednesday, November 2, 2011

SSH auto login, no password, with security

Title is a mouth full, but very important.

SSH allows one to generate a  public/private key pair and use them for logging in without a password.  Very convenient.  However, most people do this in an insecure way, by using a blank passphrase on the private key.  If you set a pass phrase on the private key, then every time you use it to login to a remote machine, you'll need to enter it, which defeats the utility of key based authentication.

A three part article by IBM goes into the details of how SSH works, and how to use public key authentication while still maintaining the security of your private key.

Its a bit involved, but definitely worth a read.


No comments:

Post a Comment