Posted by: listenlight
Posted on: 2006-07-01 16:06:00
Reading the howto on the dh wiki about ssh says not to use a passphrase? I need to clarify that an id_rsa.pub without a passkey is only good from my machine, and that from any other machine the ssh logon will ask for the regular password. Is this correct?
<a href="http://listenlight.net/">listenlight.net</a>
Posted by: matttail
Posted on: 2006-07-01 16:11:00
setting up a passwordless SSH/SFTP login for your machine will not allow anyone to log into your account without password. When you follow that process you're creating a file on your computer and on the server. Both of those files have to be there, and I believe it also checks that you're coming from the same IP Address.
So no need to worry, you'll be safe. 
--Matttail
art.googlies.net - personal website
Posted by: lrosenstein
Posted on: 2006-07-09 22:15:00
You can add an IP address check to the authorized_keys file on the server, but it's not there by default. (Do man sshd for more info.)
A passphrase protects your private key. The idea is that if someone was to get a hold of your private key file, it would be useless without also knowing the passphrase. If you don't use a passphrase, then getting a copy of the private key file will give someone the ability to log into the server.