Security of ssh key passphrases - i.e. where to save them?
Colin Law
clanlaw at gmail.com
Sun Aug 18 10:32:37 UTC 2024
On Sun, 18 Aug 2024 at 11:19, Chris Green <cl at isbd.net> wrote:
>
> One is always told that using an ssh key with a passphrase is more
> secure than using password authentication.
>
> Yes, it is so in the context of the login process, however that isn't
> the whole story. Where/how do you save the passphrases so that if you
> forget one you can retrieve it? The 'safe' where they are saved needs
> to be as secure as the ssh protocol if the security of the ssh
> protocol itself is going to be of any use at all.
>
> So, what do others here do?
I use Bitwarden for storing all credentials. So when used on a PC it
is unlocked with a master passphrase, and on Android it is unlocked
with my fingerprint.
The database is accessible from all your devices.
It has browser plugins so that you can use it for user/pwd filling
rather than the browser. it recognises the url and offers the
appropriate credentials for the page.
It is excellent. I pay the $10/year for the premium version, but the
free version may well be good enough for you.
I don't know whether it can interact with the command line for the
particular situation you describe as I don't have that issue.
Colin L.
More information about the ubuntu-users
mailing list