[Gllug] SSH key authentication revisited
Tethys
tet at accucard.com
Wed Apr 9 15:21:43 UTC 2003
Richard Jones writes:
>Not sure if this is right.
>
> [...]
>
>.ssh/id_dsa STAYS RIGHT WHERE IT IS, AND GOES NOWHERE!!
Not necessarily true. What you describe is fine if you have a single
originating box. What if you're logged onto box 2, and want to ssh
back to box 1 (assume you're on the console, not via ssh from box 1).
You *could* genereate a new private/pbulic pair for box2. But it's
easier to just use the same pair as for box1.
>However you should only do this if you trust remotemachine1 because it
>exposes your X server and ssh-agent for the period of the connection.
Exposes them in what sense? Do you have a reference?
Tet
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list