
13 Jul 2012, 2:37 a.m.
Rick Moen wrote:
If he/she merely uses the same SSH passphrase everywhere, that's just about as bad, because it means the private key can get stolen and used locally, and then the imposter sshes to the next system, repeats the theft, und so weiter.
That sounds like the user leaves private keys on intermediary hops (cf. -oProxyCommand or -oForwardAgent, which have different attack profiles).