[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: ssh private key password

From: Andrew Haley <aph redhat com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: ssh private key password
Date: Fri, 09 Jan 2009 09:45:09 +0000

Ron Yorston wrote:
> Kevin Kofler <kevin kofler chello at> wrote:
>> Jerry Amundson wrote:
>>> Users, naturally, would not "want this" - it's intrusive and
>>> completely unnecessary. In the Windows world, IT staff would be be
>>> bombarded with virus warnings.
>>>
>>> Please, make "false" the default.
>> Uh, a GUI prompt for the passphrase is a feature. It also gets used when you
>> use SSH from a GUI app, such as a client for a version control system. I
>> don't see how this is a problem.
> 
> My ssh passphrase is a private matter between me and the ssh client.  I
> don't even trust ssh-agent, why would I trust some unexpected GUI that
> pops up and demands my passphrase?

That's right.  The key argument against a pop-up dialog box that asks
for the passphrase is that we're training people to type secrets into
pop-up dialog boxes.  Bad psychology, bad security.

Andrew.

Follow-Ups:
- Re: ssh private key password
  - From: Callum Lerwick

References:
- ssh private key password
  - From: nodata
- Re: ssh private key password
  - From: Horst H. von Brand
- Re: ssh private key password
  - From: nodata
- Re: ssh private key password
  - From: Ricky Zhou
- Re: ssh private key password
  - From: nodata
- Re: ssh private key password
  - From: Ricky Zhou
- Re: ssh private key password
  - From: nodata
- Re: ssh private key password
  - From: Matthias Clasen
- Re: ssh private key password
  - From: Jerry Amundson
- Re: ssh private key password
  - From: Kevin Kofler
- Re: ssh private key password
  - From: Ron Yorston

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]