ssh private key password

Gregory Maxwell gmaxwell at gmail.com
Sat Jan 10 01:27:47 UTC 2009


On Fri, Jan 9, 2009 at 9:16 AM, John W. Linville <linville at redhat.com> wrote:
> I'm not sure I see your point.  Changing focus to another window just
> to type a passphrase seems at best to add zero benefit and at worst
> to provide surprise and distraction.  What is the benefit?
[snip]

Presumably the GUI password dialog can XGrabKeyboard to prevent
keyboard sniffing. Your terminal can probably do it to, but you
probably have to tell it to and you probably do not.

A central unspoofable password dialog does make sense for improving
security, Fedora isn't there yet… but CLI apps kicking you to some
external dialog for passwords is a necessary step to that end.




More information about the fedora-devel-list mailing list