Bureaucrats, cc_docs_admin, cc_staff, rsnt_translations
2,837
edits
Securing your account: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 44: | Line 44: | ||
One important advantage of using SSH keys is that the remote system only needs your public key. This value is not sensitive, so there is no risk of disclosure. If someone gets your public key, all they can do is give you additional access. | One important advantage of using SSH keys is that the remote system only needs your public key. This value is not sensitive, so there is no risk of disclosure. If someone gets your public key, all they can do is give you additional access. | ||
* Avoid placing any private keys on remote machines, even encrypted ones. An unencrypted key is equivalent to a password, and may be stolen or exposed inadvertently. An encrypted key is, by itself, not sensitive - except if you ever use it on that machine (at which point you are effectively trusting the machine.) | * Avoid placing any private keys on remote machines, even encrypted ones. An unencrypted key is equivalent to a password, and may be stolen or exposed inadvertently. An encrypted key is, by itself, not sensitive - except if you ever use it on that machine (at which point you are effectively trusting the machine.) | ||
* If you use ssh-agent, avoid forwarding it to remote machines | * If you use ssh-agent, avoid forwarding it to remote machines which you do not trust. | ||
</translate> | </translate> | ||