On Jan 22, 2008 6:27 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
Mikkel L. Ellertson wrote:I wouldn't say it's not a big risk - more like it is a risk that you
>
>
> While having a pass phrase (not password) on a ssh key is normally a
> good idea. But if you need to connect to a remote machine as part of a
> cron job, a key without a pass phrase, if set up properly, is not that
> big of a security risk.
have to manage by controlling access to the account where the keys are
readable - and physical access to the media where they are stored.
--
Les Mikesell
lesmikesell@xxxxxxxxx
Controlling access to the media storing the keys and accounts is of my greatest
concern in particular if the system is located in some other city and someone
else admins the machine.
Maybe I'm too paranoid.
~af
