[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh private key password



Ron Yorston wrote:
> Kevin Kofler <kevin kofler chello at> wrote:
>> Jerry Amundson wrote:
>>> Users, naturally, would not "want this" - it's intrusive and
>>> completely unnecessary. In the Windows world, IT staff would be be
>>> bombarded with virus warnings.
>>>
>>> Please, make "false" the default.
>> Uh, a GUI prompt for the passphrase is a feature. It also gets used when you
>> use SSH from a GUI app, such as a client for a version control system. I
>> don't see how this is a problem.
> 
> My ssh passphrase is a private matter between me and the ssh client.  I
> don't even trust ssh-agent, why would I trust some unexpected GUI that
> pops up and demands my passphrase?

That's right.  The key argument against a pop-up dialog box that asks
for the passphrase is that we're training people to type secrets into
pop-up dialog boxes.  Bad psychology, bad security.

Andrew.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]