Why use a passphrase if the private key is safe?
If you could guarantee that your private key were safe, it would probably be acceptable to skip a passphrase. However, laptops and single-user workstations can be broken into. A passphrase adds one more level of protection. This is analogous to an ATM card. You need the card and the PIN to withdraw money. If your wallet were stolen and the card had no PIN, the thief could use it to withdraw cash from your account. Just as a PIN prevents your card from being used by an unauthorized person, giving your SSH keypair a passphrase prevents your key from being used if the private key is stolen.

– from CalTech SSH Key FAQ

There are exceptions, where no passphrase is used. See SSH with Key Pairs without a Passphrase.

SSH with Key Pairs without a Passphrase
In general, assigning a passphrase is preferred. However, where an SSH connection needs to be established by a non-human entity, e.g., a cron job or CGI script on a Web server, an un-passphrased key may be used with the following precautions: