Today's article was written by a guest and is about SSH Keys.

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
4,064
Reaction score
3,737
Credits
32,636


jpnilson

Member
Joined
Jul 31, 2021
Messages
68
Reaction score
42
Credits
614
Thanks to @captain-sensible for the article!


As always, feedback is appreciated.
I thought this was a great article. The only thing I would suggest is to make sure to emphasize you always protect your private key with a good pass phrase. If someone gets a hold of your private key without a pass phrase they then own what ever you are protecting with that key pair. If you don't use a pass phrase keys are actually more dangerous than using a password.
 
OP
K

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
4,064
Reaction score
3,737
Credits
32,636
That is a good point. Hmm... I could look for a spot to add it into the article, though I'd think that would be intuitive, it should probably get mentioned for those that don't know.
 

captain-sensible

Well-Known Member
Joined
Jun 14, 2019
Messages
2,548
Reaction score
1,687
Credits
15,217
if you look at the image it asks for a passphrase but you can skip and just hit return
 

jpnilson

Member
Joined
Jul 31, 2021
Messages
68
Reaction score
42
Credits
614
I agree its in the image. I was just thinking a sentence or two explaining the importance of protecting their private key would be a good idea. In my mind its the difference between having a two factor security solution and something that is incredibly dangerous. I actually saw someone who had omitted the password inadvertently while on a webex meeting. I watched a product manage have a mini meltdown right before my eyes. It was easy enough to push out new public keys for the individual since there was no confidence in the fact he had protected the key sufficiently. It was very lucky it wasn't a career ending event for that individual.
 

captain-sensible

Well-Known Member
Joined
Jun 14, 2019
Messages
2,548
Reaction score
1,687
Credits
15,217
well i guess the article might say something like its possible to generate keys without a passphrase , which was shown for convenience, but its a simple matter to add a passphrase and for extra security its recommended . Only a quick edit for David :^)
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Latest posts

Top