11 Nov
2005
11 Nov
'05
07:29
Dirk Schreiner said:
And you can run specific commands using the Key. (and only them.)
And you can delete the Public-Key on the Server any time. (What you should do if ya Laptop is stolen.)
You can use multiple Keys with multiple Passphrases on a single (shared) Account. (No shared Password!)
And last but not least: There is something called scponly. Works like a charm ;-))
And you can create a separate "upload" user with a restricted shell on the server, that only allows execution of scp (and e.g. a chmod). Then even with a stolen laptop/private key, the attacker has only limited access to the server and can't compromise your normal user account that easy.