Today's article was written by a guest and is about SSH Keys.

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
11,497
Reaction score
9,994
Credits
95,326


Thanks to @captain-sensible for the article!


As always, feedback is appreciated.
I thought this was a great article. The only thing I would suggest is to make sure to emphasize you always protect your private key with a good pass phrase. If someone gets a hold of your private key without a pass phrase they then own what ever you are protecting with that key pair. If you don't use a pass phrase keys are actually more dangerous than using a password.
 
That is a good point. Hmm... I could look for a spot to add it into the article, though I'd think that would be intuitive, it should probably get mentioned for those that don't know.
 
if you look at the image it asks for a passphrase but you can skip and just hit return
 
It seems intuitive *to me* that a strong password is a good idea *if* one wants the added security.
 
I agree its in the image. I was just thinking a sentence or two explaining the importance of protecting their private key would be a good idea. In my mind its the difference between having a two factor security solution and something that is incredibly dangerous. I actually saw someone who had omitted the password inadvertently while on a webex meeting. I watched a product manage have a mini meltdown right before my eyes. It was easy enough to push out new public keys for the individual since there was no confidence in the fact he had protected the key sufficiently. It was very lucky it wasn't a career ending event for that individual.
 
well i guess the article might say something like its possible to generate keys without a passphrase , which was shown for convenience, but its a simple matter to add a passphrase and for extra security its recommended . Only a quick edit for David :^)
 


Latest posts

Top