<<< Date Index >>>     <<< Thread Index >>>

Re: sending through a remote MTA with ssh



On Thu, Feb 16, 2006 at 02:06:35PM -0500, Derek Martin wrote:
> 
> > > Of course, a compromise of the key you use to access your e-mail
> > > system is probably not the end of the world, unless it does a whole
> > > lot more than just send and receive your e-mail...
> > > 
> > You have hit the nail well on the head there.
> 
> :)
> 
> Your original message might be construed by some that creating keys
> with no passphrase really poses very little risk.  I wanted to make it
> clear that in general, that's not the case, even if it happens to be
> true in your case.  Managing security is entirely about managing
> risk, so whether or not it's acceptable to live with that risk depends
> entirely on the specific case.  For many, the security of their ssh
> keys might be the only layer of protection they have, and therefore
> using a passphrase is much more important.
> 
Yes, quite agree, I wasn't arguing the point.  As you say what is most
imprtant really is for users to look into the risks of each approach
and decide what is appropriate for them.

-- 
Chris Green (chris@xxxxxxxxxxx)

    "Never ascribe to malice that which can be explained by incompetence."