Dear Patrick,

Thank you for your response. The client must meet the following
conditions to successfully login:

1) Proper IP
2) Proper Private Key (null-passphrase so at night, when backups are
initiated, a user does not need to be at console)
3) Appropiate command (scp or rsync)

Is there any other way of setting up keys for passwordless logins that
are more secure than null-passphrases?

Thanks,

Gian

Patrick Morris wrote:

>No, it's not. If someone has the private key file, they can log in with it.
>If it's got a passphrase, they need to know that, too.
>
>Even with ssh-agent, someone has to enter the passphrase at some point.
>That makes it infinetely more secure than passphraseless keys.
>
>-----Original Message-----
>From: Gian G. Spicuzza [mailto:gianspi@gsent.org]
>Sent: Friday, March 10, 2006 8:58 AM
>To: secureshell@securityfocus.com
>Subject: Null-passphrase vs ssh-agent
>
>Hello. I have implemented PKA with a null-passphrase instead of using
>ssh-agent. Is this just as secure as using ssh-agent?
>
>Thank you,
>
>Gian G Spicuzza
>
>
>
>
>
>
>
>