SSH allows one to generate a public/private key pair and use them for logging in without a password. Very convenient. However, most people do this in an insecure way, by using a blank passphrase on the private key. If you set a pass phrase on the private key, then every time you use it to login to a remote machine, you'll need to enter it, which defeats the utility of key based authentication.
A three part article by IBM goes into the details of how SSH works, and how to use public key authentication while still maintaining the security of your private key.
Its a bit involved, but definitely worth a read.
No comments:
Post a Comment