Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Richard W.M. Jones
rjones at redhat.com
Thu Oct 13 08:12:44 UTC 2011
On Wed, Oct 12, 2011 at 12:48:57PM -0700, Adam Williamson wrote:
> Sure. However, if you have multiple keys with multiple passphrases, then
> it's extra work to compromise each key.

Not true at all. If I keep my key(s) in a single location (a secure
machine at my home), then either all keys in that location are secure
or they've all been compromised. Someone with a rootkit on that
machine can capture all of my keys and all of my passphrases.

> let's say you have an account on kernel.org and one on linux.com. It
> may make some kind of sense to your workflow for you to keep the
> private key you use to access linux.com in your home directory on
> kernel.org.

If you do this, you're doing it wrong.

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v