Duplicate/unique SSH key-pairs for multiple clients?
Brian
lists at karas.net
Thu Apr 7 16:42:00 EDT 2005
The only real danger comes if the laptops are lost and recovered by someone
who has any idea about linux. If you just regenerate the hosts key and/or
otherwise render the key on the laptop invalid, then you're at no risk.
Most people tend to notice fairly quickly if their laptop is missing.
You can further alleviate the problem by minimizing what IP's the server
will accept SSH connections from. If you travel a lot there are a dozen
different ways to setup port-knocking type routines to automate this.
> -----Original Message-----
>
> Ted -
>
> I'm just looking for a little bit of clarification here. Are
> the laptops being used as clients to connect to remote
> systems? In other words, you're logging in to servers from
> the laptop(s) without requiring keyboard input (specifically,
> passwords)?
>
> If this is the case, in my opinion the solution is quite
> simple. Don't do that! 8) Seriously, this sounds like an
> inherently insecure idea.
> Again, providing I'm understanding the setup correctly, I
> would do what you say above and generate new public/private
> keys for use on the laptops ... but I certainly wouldn't make
> them passwordless.
>
> --
> "Pay attention son! You've got the attention span of an art
> major in a computer cluster!" - Sam Stoddard
>
> Cole Tuininga
> Lead Developer
> Code Energy, Inc
> colet at code-energy.com
> PGP Key ID: 0x43E5755D
>
>
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
>
More information about the gnhlug-discuss
mailing list