Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Henrik Nordström
henrik at henriknordstrom.net
Wed Oct 12 19:30:35 UTC 2011
ons 2011-10-12 klockan 19:22 +0100 skrev Peter Robinson:
> If your using a hard token you should be using a subkeys I believe and
> not the root key, not sure if that's gpg or ssh or both.
subkeys is not relevant to the SSH world. That's a OpenPGP thing where
the main key should only be used for the chain of trust and stored
separately off line, and subkeys for the day to dya usage
(identification, encryption), as chaning the chain of trust key is a
real pain.
The hard tokein I normally use is a OpenPGP card, and as far as I know
it only have one free slot for the SSH key. The card have three RSA keys
in total, Signing, Encryption, Authentication(SSH).
Regards
Henrik
More information about the devel
mailing list