[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Not allow users to change passwd
The passphrase is used to encrypt/decrypt the private key on the client,
when it is needed to respond to the challenge from the server.
You can configure sshd to *also* ask for the Unix password though, of
which the administrator of the server can make sure it isn't empty. Makes
logging in a bit awkward though.
On Wed, 15 Sep 1999, David Terrell wrote:
> sshd never sees the remote prive key -- it just knows if it passed the
> challenge. This protects the private key against corrupted servers.
> On Wed, Sep 15, 1999 at 12:10:17PM +0200, Tor Houghton wrote:
> > Speaking of SSH & keys, is there a way to make sure that a key has a
> > passphrase? (Or do I need to hack sshd to do this?)
> David Terrell | email@example.com, firstname.lastname@example.org
> Instant Payments... Anytime... Anywhere. | http://www.paypal.com/
> PayPal, a free service of Confinity, Inc | http://www.confinity.com/