Re: sending through a remote MTA with ssh
On Thu, Feb 16, 2006 at 02:06:35PM -0500, Derek Martin wrote:
> On Thu, Feb 16, 2006 at 06:56:20PM +0000, Chris Green wrote:
> > > Presumably by "set up secure keys and allow passwordless login without
> > > using ssh_agent" you mean you've created keys with no passphrase.
> >
> > Yes, sorry, that's the one. It's a while since I did it so I'd
> > forgotten the details. .... and I did read all about the security
> > risks.
>
> No doubt, but there are potentially lots of other eyes (the original
> poster, for example) reading this thread who are probably not aware of
> the risks... ;-)
Thanks for your concern :) I am the OP and have clearly stated in a
subsequent message that I use ssh-agent with an xdm single-signon
pam_ssh module, so my ssh keys are encrypted, and I wouldn't have it any
other way. There really is no reason to keep ssh UN-encrypted ssh keys,
since it's so easy to start ssh-agent upon entering one's window
manager.
--
I route therefore you are.