can't figure out ssh, read lots of docs...

Lowell Gilbert freebsd-questions-local at
Thu Jun 2 14:38:33 GMT 2005

Giorgos Keramidas <keramida at> writes:

> On 2005-06-01 14:38, Nathan Kinkade <nkinkade at> wrote:
> > The poster is correct in that what you probably what to do is setup
> > public-key authentication using ssh, however, I would highly recommend
> > that you NOT use a blank passphrase for your private key.  ssh-agent,
> > a utility that I think comes standard with the openssh package [...]
> My strong agreement about *NOT* using empty passphrases.  Indeed,
> ssh-agent comes with OpenSSH and it is a _MUCH_ better way of using
> SSH keys with non-empty passphrases.

The original poster wanted to do automated backups via scp.  This kind
of application *requires* empty passphrases (and is discussed as such
in the manual for sshd's configuration).  However, it doesn't
necessarily require remote root access.  I do something kind of
similar, but I have the privileged operations conducted from a local
cron job, when then pushes the results out to an unprivileged, tightly
constrained account on the other machine.  So the actual remote access
is not to root, but to an account that is not capable of doing much.

More information about the freebsd-questions mailing list