[TriLUG] Remote Execution using remctl
Igor Partola via TriLUG
trilug at trilug.org
Wed Sep 2 14:23:31 EDT 2015
Alan,
You might want to reconsider your policy of keeping unencrypted ssh keys,
even on machines you trust otherwise. I keep mine encrypted, but also run
ssh-agent so that I don't have to enter my passphrase all the time. This
also has the benefit of allowing me ssh-agent forwarding so I can go from
home laptop to random server A to random server B, even though random
server A doesn't have my ssh_id.
Another thing this lets me do is to see a notification any time my private
key is used (or even pop up a confirmation dialog before allowing its use).
That way I can see some rogue program is trying to get access to it.
Igor
More information about the TriLUG
mailing list