• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Oh dear - another clueless 'setenv DISPLAY' question...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Oh dear - another clueless 'setenv DISPLAY' question...

  • Subject: Re: Oh dear - another clueless 'setenv DISPLAY' question...
  • From: "Ambrose Li" <email@hidden>
  • Date: Fri, 10 Oct 2008 17:33:39 -0400
I know this is about user passphrases, but, while this statement is
true, it is an inaccurate generalization. Things like daemons, system
cronjobs, and other backend stuff MUST use "private keys without
passphrases". There is simply no way you can enter passwords in such
cases.

2008/10/10 James Elliott <email@hidden>:
> If you're using private keys without passphrases, you're leaving lockpicking
> tools lying around in your filesystem that anyone could use trivially to
> compromise your other systems.
>
> The ssh-agent support built into Leopard lets you stick to sane security
> practices, and take advantage of the Keychain application to provide the
> passphrase for your private key when ssh needs it, so you have convenience
> *and* security.
>
>        -Jim
>
> On Oct 10, 2008, at 15:39, Jamie Kennea wrote:
>
>>
>> On Oct 10, 2008, at 3:55 PM, James Elliott wrote:
>>
>>> Hopefully this article will get you going:
>>>
>>> http://www.mactips.org/archives/2007/12/20/using-passwordless-ssh-the-easy-guide-leopard-only/
>>
>> I don't get why they list this method as "Leopard Only". I've been doing
>> this exact thing for years, on Mac OS X, Linux and Solaris. As far as I can
>> see this method has everything to do with ssh keys and nothing to do with
>> the Mac OS X keychain at all. Odd.
>>
>> It does work great though.
>>
>> Jamie
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> X11-users mailing list      (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> X11-users mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>



--
cheers,
-ambrose

The 'net used to be run by smart people; now many sites are run by
idiots. So SAD... (Sites that do spam filtering on mails sent to the
abuse contact need to be cut off the net...)
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list      (email@hidden)

This email sent to email@hidden
  • Follow-Ups:
    • Re: Oh dear - another clueless 'setenv DISPLAY' question...
      • From: Brandon Allbery <email@hidden>
References: 
 >Oh dear - another clueless 'setenv DISPLAY' question... (From: email@hidden)
 >Re: Oh dear - another clueless 'setenv DISPLAY' question... (From: James Elliott <email@hidden>)
 >Re: Oh dear - another clueless 'setenv DISPLAY' question... (From: Jamie Kennea <email@hidden>)
 >Re: Oh dear - another clueless 'setenv DISPLAY' question... (From: James Elliott <email@hidden>)

  • Prev by Date: Re: Oh dear - another clueless 'setenv DISPLAY' question...
  • Next by Date: Re: Oh dear - another clueless 'setenv DISPLAY' question...
  • Previous by thread: Re: Oh dear - another clueless 'setenv DISPLAY' question...
  • Next by thread: Re: Oh dear - another clueless 'setenv DISPLAY' question...
  • Index(es):
    • Date
    • Thread