Re: sending through a remote MTA with ssh
On Thu, Feb 16, 2006 at 02:06:35PM -0500, Derek Martin wrote:
>
> > > Of course, a compromise of the key you use to access your e-mail
> > > system is probably not the end of the world, unless it does a whole
> > > lot more than just send and receive your e-mail...
> > >
> > You have hit the nail well on the head there.
>
> :)
>
> Your original message might be construed by some that creating keys
> with no passphrase really poses very little risk. I wanted to make it
> clear that in general, that's not the case, even if it happens to be
> true in your case. Managing security is entirely about managing
> risk, so whether or not it's acceptable to live with that risk depends
> entirely on the specific case. For many, the security of their ssh
> keys might be the only layer of protection they have, and therefore
> using a passphrase is much more important.
>
Yes, quite agree, I wasn't arguing the point. As you say what is most
imprtant really is for users to look into the risks of each approach
and decide what is appropriate for them.
--
Chris Green (chris@xxxxxxxxxxx)
"Never ascribe to malice that which can be explained by incompetence."