Security of ssh key passphrases - i.e. where to save them?
Ralf Mardorf
kde.lists at yahoo.com
Sun Aug 18 12:55:11 UTC 2024
Hi,
I'm sorry, there's an issue with my yahoo.com account, hence I read the
mailing list archive.
On Sun, 2024-08-18 at 13:58 +0200, Ralf Mardorf via ubuntu-users wrote:
>> In your case, the security vulnerability is not the handling of
>> passphrases, but the unreliability of OpenSSH.
>For goodness sake Ralf, stop fearmongering.
>OpenSSH is no more "unreliable" than any other security tool, and a
>damned sight more reliable than most.
>Regards, K.
Karl, I am not fearmongering. I explain that passphrases are nothing to
worry. Almost all computer related issues that made it into the news
where unrelated to passphrase issues.
This year, air traffic was not paralysed because someone used
passphrases to gain access to something.
IOW the more software you are using, the more likely you run into an
issues.
Also, as good as OpenSSH and OpenSSL are, without updates there are
risks and with updates there are risks.
A wallet does not become more secure in your trouser pocket if you
attach it to a chain and let it dangle down your jeans for everyone to
see.
The best solution is to keep as little cash and documents as possible in
your wallet and to make it less visible where you are carrying the
wallet.
Regards,
Ralf
More information about the ubuntu-users
mailing list