Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Gerd Hoffmann kraxel at
Thu Oct 13 08:43:08 UTC 2011


> Sure, ssh keys are much harder to compromise than passwords, but
> _assuming a compromise has happened_ the consequences of using a single
> key for everything are just as bad as using a single password for
> everything.

One ssh key per project doesn't make sense at all to me.  They all would 
be on my laptop, and in case it gets compromised the attacker can easily 
snatch all the keys.

One ssh key per machine makes alot more sense.  For outgoing ssh 
connections from -- say -- I wouldn't just copy 
my private key from my laptop but generate a new one, then add it to 
authorized_keys where needed.

That does (a) limit the access to the machines really needed instead of 
allowing ssh to every machine I'm ssh'ing to from my laptop and
(b) doesn't compromise the keys used on my laptop in case is hacked.


More information about the devel mailing list