Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Gerd Hoffmann
kraxel at redhat.com
Fri Oct 14 09:58:12 UTC 2011
Hi,
>> That's kinda silly. I work on a desktop or on a laptop. When working on
>> my desktop, I really don't want to fire up my laptop just for the ssh
>> key. And adding two keys in all authorized_keys for this is kinda silly,
>> and does not add any security over the one copied key.
>
> You're wrong, and you're doing it wrong.
Well, its a case-by-case thing IMHO. For machines which are (a) sitting
at the same physical location and LAN segment and (b) trusting each
other anyway and (c) used by yourself only it doesn't add that much
security to have different ssh keys on each box ...
cheers,
Gerd
More information about the devel
mailing list