Security of ssh key passphrases - i.e. where to save them?
Ralf Mardorf
kde.lists at yahoo.com
Sun Aug 18 12:35:42 UTC 2024
Hi,
lets assume somebody does not use a bitwarden browser extension, then
the risky browser layer is no issue at all.
However,
• rocketmouse at archlinux ~
$ pacman -Si bitwarden-cli
[snip]
Depends On : nodejs-lts-iron
[snip]
• rocketmouse at archlinux ~
$ pacman -Si nodejs-lts-iron
Repository : extra
[snip]
Depends On : openssl zlib icu libuv c-ares brotli libnghttp2
[snip]
OpenSSL made it into the global news a few years ago thanks to
Heartbleed.
IOW managing passwords by another software and/or hardware layer is an
additional security risk. It's an additional point of attack.
If we had 4 kidneys instead of 2, we would have a few kidneys in
reserve, but would also offer pathogens a larger surface to attack.
Safety is always a balancing act.
Regards,
Ralf
More information about the ubuntu-users
mailing list