Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Jon Ciesla limb at
Wed Oct 12 19:22:31 UTC 2011

> ons 2011-10-12 klockan 13:25 -0500 skrev Jon Ciesla:
>>  Plus, you could have multiple
>> keys, all with the same passphrase, for different things, should you so
>> desire.
> That's effectively one shared key for all. If one of them are
> compromized them most likely all of them are, as the attacker clearly
> gained access to both
>   - The storage locaiton where the keys were stored
>   - The encryption key (passphrase)
> And if an attacker managed to gain access to this combination for any of
> your keys it's likely he also gains access to the others.

Agreed, it's a bad idea.  I was just throwing it out there as one nod to
convenience.  I don't do it.


> Regards
> Henrik

in your fear, seek only peace
in your fear, seek only love

-d. bowie

More information about the devel mailing list