You want to do this even if you only connect to servers you trust (today): you may eventually lose a server to the enemy and connect to it.
-
-
-
"Hey something's wrong with web47." "Hmm, let me SSH in. Oh it's rooted." *bam* You just lost every host you can SSH into w/ that keypair.
- 4 more replies
New conversation -
-
-
@patio11 jeez. that is really, really bad.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@patio11@FioraAeterna security is hard, let's go shopping
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@patio11 I suspect (but don't know for sure) that using ssh-agent avoids this, as the private key is never in the ssh process to start with.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@patio11 But I agree, you should fix it now. I'm also thinking about past risks and if you want to rotate ssh private keys due to them.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@patio11@0xabad1dea a nice to have feature for a honeypot... time to start coding something!Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.