Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Adam Williamson
awilliam at redhat.com
Thu Oct 13 17:18:46 UTC 2011
On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote:
> Hi,
>
> > Sure, ssh keys are much harder to compromise than passwords, but
> > _assuming a compromise has happened_ the consequences of using a single
> > key for everything are just as bad as using a single password for
> > everything.
>
> One ssh key per project doesn't make sense at all to me. They all would
> be on my laptop, and in case it gets compromised the attacker can easily
> snatch all the keys.
I didn't claim it was necessarily a great approach. I simply disputed a
bald assertion that there was absolutely zero exposure difference
between using a single key for everything and using multiple keys. I
never claimed that 'you should use multiple keys' or 'it's best security
practice to use multiple keys' or anything like that; I simply took
exception at the suggestion that there was absolutely no difference
between the scenarios.
> One ssh key per machine makes alot more sense. For outgoing ssh
> connections from -- say -- shell.fedoraproject.org I wouldn't just copy
> my private key from my laptop but generate a new one, then add it to
> authorized_keys where needed.
That's a sensible approach, sure.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list