can't figure out ssh, read lots of docs...

Lowell Gilbert freebsd-questions-local at
Thu Jun 2 16:45:59 GMT 2005

Giorgos Keramidas <keramida at> writes:

> On 2005-06-02 10:38, Lowell Gilbert <freebsd-questions-local at> wrote:

> > The original poster wanted to do automated backups via scp.  This kind
> > of application *requires* empty passphrases
> Nope.  scp works fine with a pass-phrase too, if one uses ssh-agent
> properly, regardless of the remote user being root or not.

You're recommending leaving an ssh-agent instance running unattended
instead of having a passphrase-less key?  That just means you have to
protect the agent's socket as carefully as you would have to protect
the unencrypted key file.  

I guess what I should have said was that such an application requires
an unencrypted key sitting around.  You are right: there *are* ways to
give access to the key other than empty passphrases.  The only real
disadvantage of the agent approach is that the key becomes
inaccessible when the system reboots.

More information about the freebsd-questions mailing list