From owner-freebsd-questions  Mon Nov 27 20:28:16 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186])
	by hub.freebsd.org (Postfix) with SMTP id A496B37B4C5
	for <questions@freebsd.org>; Mon, 27 Nov 2000 20:28:13 -0800 (PST)
Received: (qmail 38697 invoked by uid 100); 28 Nov 2000 04:28:13 -0000
From: Mike Meyer <mwm@mired.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14883.13405.7114.490009@guru.mired.org>
Date: Mon, 27 Nov 2000 22:28:13 -0600 (CST)
To: tayers@bridge.com
Cc: questions@freebsd.org
Subject: Re: Help Understanding SSH
In-Reply-To: <14108128@toto.iv>
X-Mailer: VM 6.75 under 21.1 (patch 10) "Capitol Reef" XEmacs Lucid
X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG%
 *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\
X-Message: You should get a better mailer.
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

tayers@bridge.com types:
> I'm still looking for the what/why of the passphrase. I assume it is
> additional security, but haven't seen that printed anywhere.

It's in the ssh-keygen man page:

	[the] passphrase will be used to encrypt the private part of
	[the identity] file using 3DES.

I'd say you used a passphrase on goats and if you don't trust root not
to abuse the ability of reading the secret key.

	<mike
--
Mike Meyer					http://www.mired.org/home/mwm/
Independent WWW/Unix/FreeBSD consultant,	email for rates.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message