Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'How to use ssh keys on a USB drive' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to use ssh keys on a USB drive
Authored by: houchin on Feb 23, '05 11:16:05AM

Cool.

What if you went one step farther and put a shell script on the flash drive to run ssh with that -i option. You would then put that script's directory into your path. You could then open connections just by typing something like "usbssh www.example.com" and not have to remember any paths at all.

The script could even be intelligent enough to figure out the mount point, or making the identity files relative to the script.

But you know, now that I type this, I'm starting to have security worries. Unless there's some form of access control to the USB keydrive, you're putting your identity on a easily losable device.



[ Reply to This | # ]
How to use ssh keys on a USB drive
Authored by: Scott Windsor on Feb 23, '05 01:19:28PM

Is there any way to encrypt the USB key's filesystem?
If not, you could encrypt your keys and config. At this point, you'd probally want a more complicated "unlock" script that goes out to the USB key, decrypts it, and allows you access? But, ideally you wouldn't have to copy the keys to your harddrive...



[ Reply to This | # ]
How to use ssh keys on a USB drive
Authored by: TrentC on Feb 23, '05 03:05:11PM

Why would you put your only private key onto a USB drive?

SSH will recognize multiple keys; generate one specifically for your USB drive, and add the public key to ~/.ssh/authorized_keys.

If you lose your USB drive, all you need to do is delete the public key from authorized_keys and the key on the USB drive will no longer work.



[ Reply to This | # ]
How to use ssh keys on a USB drive
Authored by: Shawn Parr on Feb 23, '05 11:41:54PM

I administrate a number of servers. I have a mac at home, many macs at work, and a number of linux workstations that I may be working at.

Creating one Private key, and carrying it with me is very convenient. It also ensures that the private key is not on any single machine that may be stolen, as long as I remember to log out and/or remove them from the key agent.

Of course I also have to remember to always keep my USB drive secure, but often that is easier than securing workstations or laptops from walking away, especially as the I-stick has a wallet holder.



[ Reply to This | # ]
How to use ssh keys on a USB drive
Authored by: TrentC on Feb 24, '05 01:53:58AM

I administrate a number of servers. I have a mac at home, many macs at work, and a number of linux workstations that I may be working at.

Creating one Private key, and carrying it with me is very convenient. It also ensures that the private key is not on any single machine that may be stolen, as long as I remember to log out and/or remove them from the key agent.

Of course I also have to remember to always keep my USB drive secure, but often that is easier than securing workstations or laptops from walking away, especially as the I-stick has a wallet holder.

Heh. nothing said the advice here is "one size fits all"; it your case, it'd make sense to have one key to worry about.

Me, I have 2 linux boxes and an iMac to worry about; if I lose a USB drive, the odds that someone will find it, figure out my passphrase as well as what machines it can access, before I can get to a place where I can delete 3 public keys are enough in my favor that I don't lose sleep. :)



[ Reply to This | # ]
How to use ssh keys on a USB drive
Authored by: Shawn Parr on Feb 23, '05 11:51:33PM

Actually you can easily do that with aliases.

man alias

You can create them on the fly in a terminal session, or add them to your .profile



[ Reply to This | # ]