Today's article was written by a guest and is about SSH Keys.

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
4,059
Reaction score
3,726
Credits
32,592


jpnilson

Member
Joined
Jul 31, 2021
Messages
68
Reaction score
42
Credits
614
Thanks to @captain-sensible for the article!


As always, feedback is appreciated.
I thought this was a great article. The only thing I would suggest is to make sure to emphasize you always protect your private key with a good pass phrase. If someone gets a hold of your private key without a pass phrase they then own what ever you are protecting with that key pair. If you don't use a pass phrase keys are actually more dangerous than using a password.
 
OP
K

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
4,059
Reaction score
3,726
Credits
32,592
That is a good point. Hmm... I could look for a spot to add it into the article, though I'd think that would be intuitive, it should probably get mentioned for those that don't know.
 

captain-sensible

Well-Known Member
Joined
Jun 14, 2019
Messages
2,546
Reaction score
1,685
Credits
15,201
if you look at the image it asks for a passphrase but you can skip and just hit return
 

jpnilson

Member
Joined
Jul 31, 2021
Messages
68
Reaction score
42
Credits
614
I agree its in the image. I was just thinking a sentence or two explaining the importance of protecting their private key would be a good idea. In my mind its the difference between having a two factor security solution and something that is incredibly dangerous. I actually saw someone who had omitted the password inadvertently while on a webex meeting. I watched a product manage have a mini meltdown right before my eyes. It was easy enough to push out new public keys for the individual since there was no confidence in the fact he had protected the key sufficiently. It was very lucky it wasn't a career ending event for that individual.
 

captain-sensible

Well-Known Member
Joined
Jun 14, 2019
Messages
2,546
Reaction score
1,685
Credits
15,201
well i guess the article might say something like its possible to generate keys without a passphrase , which was shown for convenience, but its a simple matter to add a passphrase and for extra security its recommended . Only a quick edit for David :^)
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Staff online


Top