[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Not allow users to change passwd

The passphrase is used to encrypt/decrypt the private key on the client,
when it is needed to respond to the challenge from the server.

You can configure sshd to *also* ask for the Unix password though, of
which the administrator of the server can make sure it isn't empty. Makes
logging in a bit awkward though.


On Wed, 15 Sep 1999, David Terrell wrote:
> sshd never sees the remote prive key -- it just knows if it passed the 
> challenge.  This protects the private key against corrupted servers.
> On Wed, Sep 15, 1999 at 12:10:17PM +0200, Tor Houghton wrote:
> > 
> > Speaking of SSH & keys, is there a way to make sure that a key has a
> > passphrase? (Or do I need to hack sshd to do this?)
> -- 
> David Terrell                             | dbt@meat.net, dbt@paypal.com
> Instant Payments... Anytime... Anywhere.  | http://www.paypal.com/
> PayPal, a free service of Confinity, Inc  | http://www.confinity.com/