Greg Freemyer wrote:
That is, with no passphrase used during key generation, is there any security at all once a unauthorized user grabs that file? What is the situation with a passphrase? Assuming the file is encrypted if a passphrase is provided, how well is it encrypted.
How are you planning on getting that file? You could sit down at my desk and copy it. Beyond that, you'd have to break ssh to get past that key requirement or you could try to break OpenVPN, which has a key too. Of course, even if you got that private key, it would only get you access to my own account, not root. To become root, you'd have to know the password. That password is not stored in plain text. It's a hash in /etc/shadow, which is readable only by root and the shadow group. Bottom line, if you managed to get my id_rsa, you'd only have access to files in my own directory. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org