Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Adam Williamson awilliam at
Thu Oct 13 17:18:46 UTC 2011

On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote:
> Hi,
> > Sure, ssh keys are much harder to compromise than passwords, but
> > _assuming a compromise has happened_ the consequences of using a single
> > key for everything are just as bad as using a single password for
> > everything.
> One ssh key per project doesn't make sense at all to me.  They all would 
> be on my laptop, and in case it gets compromised the attacker can easily 
> snatch all the keys.

I didn't claim it was necessarily a great approach. I simply disputed a
bald assertion that there was absolutely zero exposure difference
between using a single key for everything and using multiple keys. I
never claimed that 'you should use multiple keys' or 'it's best security
practice to use multiple keys' or anything like that; I simply took
exception at the suggestion that there was absolutely no difference
between the scenarios.

> One ssh key per machine makes alot more sense.  For outgoing ssh 
> connections from -- say -- I wouldn't just copy 
> my private key from my laptop but generate a new one, then add it to 
> authorized_keys where needed.

That's a sensible approach, sure.
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | adamwfedora

More information about the devel mailing list