
SSH: passwords or keys?

Posted Jan 21, 2010 15:04 UTC (Thu) by nye (guest, #51576)
In reply to: SSH: passwords or keys? by nix
Parent article: SSH: passwords or keys?

>Of course, for use by humans, an agent and a passphrased key is strictly better than a nonpassphrased key.

In general, yes. *Strictly*, no.

Here is an example of when I have used a non-passphrased key. It may seem contrived now, but it was in real use at the time:

Back in ye days of dial-up, I had one machine with a modem in it, connected to the phone line. Dial-on-demand was not an option, as the line was also used for voice, so we needed more control over when to connect, which left the problem of how to initiate (and terminate) a connection from any other machine. The simplest solution was to use a passphraseless SSH key, permitted to perform both of those tasks and nothing else. None of the users (read: my family) used SSH for anything else, so using an agent would be indistinguishable from not having one.

So, what's the extent of the possible damage?

If somebody had broken into the house and stolen one of the computers with the key on, then they would have gained the ability to connect to the internet the next time they broke in, without having to bring their own modem or subvert the machine plugged in to the phone line. I wouldn't consider that a particularly pressing concern given that *there's somebody in my house dismantling my computers*.

I suppose the most obvious counter-argument is that this is a task which could easily have been done using something other than SSH, but it was still the simplest solution.

SSH: passwords or keys?

Posted Jan 22, 2010 15:27 UTC (Fri) by nix (subscriber, #2304)

True. Perhaps a better way of saying it is that keys which allow the carrying out of functions which you do not want a random thief to be able to carry out, or keys which allow anything (J. Random Normal SSH Identity) should be passphrased. The rest don't need to be, because nothing bad will happen if random people get the ability to do whatever that key allows.

(Also, keys stored in a location where the key can't be stolen, e.g. in a Mars rover, are probably safe nonpassphrased. :) )
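As an added example (not code from the LWN thread or from either commenter), here is how the arrangement nye describes, a passphraseless key "permitted to perform both of those tasks and nothing else", and the distinction nix draws between keys that allow anything and keys scoped to harmless functions, is enforced in OpenSSH: the public key gets a forced command in authorized_keys, every other SSH feature is switched off for that key, and the forced command dispatches on SSH_ORIGINAL_COMMAND rather than executing whatever the client sent. The wrapper path /usr/local/sbin/dialup-ctl, the pon/poff commands and the key string are assumptions; the key shown is constructed, not a real key.

```shell
#!/bin/sh
# Added example, not from the LWN thread: a forced-command wrapper that lets a
# passphraseless SSH key bring a dial-up link up or down and do nothing else.
# The wrapper path, pon/poff and the sample key are assumptions for the demo.

# What the wrapper does for each permitted request. The real commands are only
# echoed so the script runs anywhere; on a Debian-style ppp host they would be
# `pon` and `poff`.
dispatch_dialup_cmd() {
    case "$1" in
        connect)    echo "would run: pon"  ;;
        disconnect) echo "would run: poff" ;;
        *)
            # Anything else, including an empty request, is refused. Refusals
            # are worth logging: they are the signal that the key has been
            # copied off a stolen machine or that a client is misbehaving.
            echo "dialup-ctl: rejected request: '$1'" >&2
            return 1
            ;;
    esac
}

# When a command= option is in force, sshd runs the forced command and puts
# the client's requested command in SSH_ORIGINAL_COMMAND. The wrapper only
# ever dispatches on that string; it never executes it.
dialup_ctl_main() {
    dispatch_dialup_cmd "${SSH_ORIGINAL_COMMAND:-}"
}

# Build the authorized_keys line that binds the key to the wrapper and turns
# off the forwarding and pty features the key would otherwise reach.
# $1 = wrapper path on the modem host, $2 = the public key line.
build_authorized_keys_line() {
    printf 'command="%s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty %s\n' "$1" "$2"
}

# Demo with a constructed key (not a real key).
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEYEXAMPLEKEYEXAMPLEKEYEXAMPLEKEY dialup@livingroom'
build_authorized_keys_line /usr/local/sbin/dialup-ctl "$SAMPLE_KEY"
dispatch_dialup_cmd connect
dispatch_dialup_cmd disconnect
dispatch_dialup_cmd reboot || true   # refused with exit status 1
```

On OpenSSH 7.2 and later the four `no-*` options can be replaced by the single `restrict` option, which also disables any features added after the line was written. The wrapper should be owned by root and not writable by the account the key logs in as, since a writable forced command hands back the very "anything" the key was meant to lose.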

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds