| |||||||||||||
KS2011: Kernel.org reportKS2011: Kernel.org reportPosted Oct 28, 2011 11:28 UTC (Fri) by corbet (editor, #1)In reply to: KS2011: Kernel.org report by josh Parent article: KS2011: Kernel.org report Because a lot of existing keys were compromised and nobody wants to make guesses about which ones might be OK. SSH keys are cheap, why not replace them?
(Log in to post comments)
KS2011: Kernel.org report Posted Oct 28, 2011 11:43 UTC (Fri) by josh (subscriber, #17465) [Link]
> SSH keys are cheap, why not replace them?
Replacing the SSH key doesn't seem crazy. However, maintaining a completely separate SSH key just for use on kernel.org causes quite a bit of additional complication and annoyance.
configure ssh identity by host Posted Oct 28, 2011 17:16 UTC (Fri) by dmarti (subscriber, #11625) [Link]
You can always make a separate Host section in your .ssh/config with an IdentityFile line. Should then be used by everything that runs over ssh including git. (man ssh_config for more info)
configure ssh identity by host Posted Oct 28, 2011 20:36 UTC (Fri) by nix (subscriber, #2304) [Link]
Does that work if you use an agent? Last time I tried, -i and IdentityFile were both ignored if an agent was in use.
configure ssh identity by host Posted Oct 31, 2011 10:54 UTC (Mon) by mp (subscriber, #5615) [Link]
Even with IdentitiesOnly? Never tried it but looks like the option to set.
configure ssh identity by host Posted Oct 31, 2011 17:50 UTC (Mon) by nix (subscriber, #2304) [Link]
I'm not sure that even existed in the fairly old version of OpenSSH I last encountered this problem in, five years ago. I should retest...
|
|||||||||||||