Deleting SSH key(s) from agent
peter at digitalbrains.com
Tue Aug 23 10:36:12 CEST 2016
On 23/08/16 10:20, Karol Babioch wrote:
> How are you guys dealing with multiple SSH keys while making sure the
> correct one is being used?
I don't make sure the correct one is used.
The challenge that is signed with your private key is based on data
provided by both the server and the client. I have never heard of an
attack that allowed a challenge for one SSH server to be used as
authentication to a different SSH server. In other words, I've never
heard of an attack where a rogue SSH server can impersonate you on a
different server when you authenticate to the rogue server.
If I'm mistaken, I'd like to know. But I suspect the system was
correctly designed to thwart such a thing.
So I don't think there is a need to ensure the correct key is used.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users