<div dir="ltr">They'd still need to crack a 2048 or 4096-bit RSA key though, even with access to your id_rsa. As long as you have a secure passphrase you could tattoo your private key on your face and it wouldn't matter.</div>

<div class="gmail_extra"><br><br><div class="gmail_quote">On 25 January 2013 15:24, Martin <span dir="ltr"><<a href="mailto:martin@ml1.co.uk" target="_blank">martin@ml1.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

On 25/01/13 14:47, Jason Irwin wrote:<br>
> <a href="http://www.theregister.co.uk/2013/01/25/github_ssh_key_snafu/" target="_blank">http://www.theregister.co.uk/2013/01/25/github_ssh_key_snafu/</a><br>
Ouch! Indeed. Plus egg on a few faces.<br>
<br>
<br>
Perhaps that is why I'm highly adverse to the use of ssh keys for<br>
automated logins, and especially so for externally accessible systems...<br>
<br>
Cheers,<br>
Martin<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
- ------------------ - ----------------------------------------<br>
-    Martin Lomas    - OpenPGP (GPG/PGP) Public Key: 0xCEE1D3B7<br>
- martin @ ml1 co uk - Import from   hkp://<a href="http://subkeys.pgp.net" target="_blank">subkeys.pgp.net</a>   or<br>
- ------------------ - http:// ml1 .co .uk/martin_ml1_co_uk.gpg<br>
<br>
_______________________________________________<br>
Nottingham mailing list<br>
<a href="mailto:Nottingham@mailman.lug.org.uk">Nottingham@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/nottingham" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/nottingham</a><br>
</font></span></blockquote></div><br></div>