Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Henrik Nordström henrik at henriknordstrom.net
Wed Oct 12 19:20:57 UTC 2011


ons 2011-10-12 klockan 13:25 -0500 skrev Jon Ciesla:

>  Plus, you could have multiple
> keys, all with the same passphrase, for different things, should you so
> desire.

That's effectively one shared key for all. If one of them are
compromized them most likely all of them are, as the attacker clearly
gained access to both

  - The storage locaiton where the keys were stored
  - The encryption key (passphrase)

And if an attacker managed to gain access to this combination for any of
your keys it's likely he also gains access to the others.

Regards
Henrik



More information about the devel mailing list