Re: If you do go with ssh..

Yeah, it won't ask for a password then, but it will ask for a passphrase instead. Now, it's possible to set an empty passphrase, such that it won't ask for one, but I strongly advice against that. That will weaken your security, because if machine1 is compromised, machine2 is as well.

Abigail

Comment on Re: If you do go with ssh..

Replies are listed 'Best First'.
Re: Re: If you do go with ssh.. by zengargoyle (Deacon) on Apr 04, 2003 at 15:14 UTC
you can use key-agent and only have to type your password once per login and still keep your keys encrypted.	[reply]
Re^2: If you do go with ssh.. by adrianh (Chancellor) on Apr 04, 2003 at 14:34 UTC
Surely it weakens security because a single return is often the first thing Evil People will try if they do manage to get a copy of your private key. If they've compromised the machine running the SSH client you're in trouble regardless of the authentication method used since the Evil Person can just install a key logger and get your passwords that way.	[reply]
Re: If you do go with ssh.. by Abigail-II (Bishop) on Apr 04, 2003 at 14:46 UTC
You may be in trouble, yes. But there's a big difference between able to continue the attack right away with a different machine, and being able to install software, log and gather data, and come back for a return visit undetected. Captain Picard still prefers his shields being at 40% over switching them off at the first sign of damage. ;-) Abigail	[reply]
Re^2: If you do go with ssh.. by adrianh (Chancellor) on Apr 07, 2003 at 09:08 UTC
True ;-) I'm certainly not advocating empty passwords.	[reply]