ssh private key password
Andrew Haley
aph at redhat.com
Fri Jan 9 09:45:09 UTC 2009
Ron Yorston wrote:
> Kevin Kofler <kevin.kofler at chello.at> wrote:
>> Jerry Amundson wrote:
>>> Users, naturally, would not "want this" - it's intrusive and
>>> completely unnecessary. In the Windows world, IT staff would be be
>>> bombarded with virus warnings.
>>>
>>> Please, make "false" the default.
>> Uh, a GUI prompt for the passphrase is a feature. It also gets used when you
>> use SSH from a GUI app, such as a client for a version control system. I
>> don't see how this is a problem.
>
> My ssh passphrase is a private matter between me and the ssh client. I
> don't even trust ssh-agent, why would I trust some unexpected GUI that
> pops up and demands my passphrase?
That's right. The key argument against a pop-up dialog box that asks
for the passphrase is that we're training people to type secrets into
pop-up dialog boxes. Bad psychology, bad security.
Andrew.
More information about the fedora-devel-list
mailing list