[rancid] Re: Rancid and cisco 'autocommand' users?

Austin Schutz tex at off.org
Wed Apr 25 21:23:14 UTC 2007


On Wed, Apr 25, 2007 at 10:31:02PM +0100, Randy Bush wrote:
> >> ask your router vendor why they do not have the equivalent of
> >> ~/.ssh/authorized_keys
> > Indeed, but the pass phrase still needs to be located somewhere or be empty.
> 
> yes, but the private key on the client is crypted
> 

	wrt the other email I just submitted to this thread: why is this
advantageous? Over the wire a passphrase is also encrypted, and locally
it's just as easy to copy a file containing a private key as it is to copy
a file containing a passphrase.
	I feel like I'm missing something really obvious here. Well, other
than the fact that some vendor(s) older equipment still doesn't support ssh
properly. Count yourself lucky if you don't have any of that still around.

	Austin



More information about the Rancid-discuss mailing list