rsync through multiple ssh hops with password authentication
prompt
Manuel López-Ibáñez
manuellopezibanez at yahoo.es
Thu Oct 20 17:06:28 GMT 2005
Wayne Davison wrote:
> On Thu, Oct 20, 2005 at 01:15:54AM +0100, Manuel L?pez-Ib??ez wrote:
>
>>For example, isn't it possible for the root of middle (or some
>>attacker) to get my keys and use them?
>
>
> No, that's not how ssh keys work at all. Firstly, you only need to put
> the *public key* on the middle host and the destination host, not your
> private key (which only needs to be on your local system). Secondly,
> you should have encrypted your private key on your own host, so that it
> must be decrypted with a pass phrase. This makes everything work
> securely. As long as ssh is configured to forward the ssh-agent data,
> the remote systems will allow a chain of ssh accesses that originates
> from your local system (which will have prompted you for the key's pass
> phrase only at the first use of the key). This is a much better way to
> configure ssh than to try to do multiple hops using passwords.
Can rsync work while ssh-agent is forwarding data?
Cheers,
Manuel.
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
More information about the rsync
mailing list