Quote:
Originally Posted by luc-mobile
But unlike him, I don't want to put RSA/DSA keys on the device. We can save the password in the profile section, isn't that enough? Besides, key files could be copied to other machines. That's even more insecure than a saved password. In fact, I didn't save my password. Security is the whole point of SSH.
|
Actually, it's not the same as a saved password when you think it through. A key on a device still must be unlocked with a passphrase, so in the event of a physical breech (device is stolen) you have 3 scenarios: no password saved or key (safest), a key still requiring a passphrase (next safest), and a password saved into device memory (least safe). By necessity the ability to somehow decrypt the password within the software must be present, as the password must be sent to the remote server at connection time. Even if you were able to encrypt the password with the same level of encryption as a keyfile, you necessarily would have to leave the means to decrypt it inside. Unless of course you built in a password to the software to unlock the password(s) (a possiblity for sure!).
Having a private keypart on a device is more secure than having a password saved in the application, but of course saving neither one of the two is the most secure from the device side standpoint in case of a physical attack. As you can imagine I don't save any passwords on the device.
