Google Authenticator for multi-factor authentication
Posted Dec 8, 2011 13:12 UTC (Thu) by dwmw2
In reply to: Google Authenticator for multi-factor authentication
Parent article: Google Authenticator for multi-factor authentication
Google Authenticator doesn't use public/private keys. It has a single symmetric key. Essentially there is no public key; only a private key.
So no, the problematic part is not that it's like the SSH public key. The problematic part is that it's like keeping your SSH private key lying around on the file system without a passphrase.
And yes, the patch I mention above will allow you to keep the files in a root-owned and root-only-readable location.
to post comments)