At Wed, 30 Jul 2014 22:17:43 -0700, tony mancill wrote: > I contacted the upstream author (on the cc: - hi Frank), and his concern > with the passphraseless key trigger mechanism is precisely that you > don't have a passphrase. The key is unprotected and subject to > theft/unauthorized use. This could potentially occur on the system that > is (normally) the legitimate source of the trigger.
But ssh-cron will need to have the passphrase to be able to use the key, so someone who can steal the key from ssh-cron can also steal the passphrase from ssh-cron. What is the added security benefit of storing a key and passphrase instead of a passphraseless key? -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87ppglmbor.wl%jer...@dekkers.ch
