Greg Stein <gstein@lyra.org> wrote,
> Easier than ssh-agent is to create an "authorized_keys" file. Log onto the
> shell box and type "mkdir .ssh". Next, copy the .ssh/identity.pub file from
> your local machine to .ssh/authorized_keys on shell.sourceforge.net.
>
> From then on, SF will used the auth'd key rather than asking for your
> password.
That's mostly correct, but... you are assuming that the private side
of the key (.ssh/identity on the local host) has not been encrypted
with a passphrase. If it has, the scp command will prompt for it
instead of the remote password. When using an encrypted private key
ssh-agent is the answer.
<soap box>
Personally, I am pretty paranoid about my private keys so (now ;) I
always encrypt them. As a loose rule, I wont give anyone access to my
systems (accept a public key) unless they at least tell me that their
private key has been encrypted.
How much trouble could could be caused by unauthorized access to your
SF account? How secure is your private key?
</soap box>
--
Donald Beaudry Ab Initio Software Corp.
201 Spring Street
donb@init.com Lexington, MA 02421
...Will hack for sushi...