private key permissions?


Andrew Muro

Apr 19, 2011, 4:58:49 PM
to Webistrano
So to use SSH public key authentication, you need to generate keys for
the remote SSH user and obviously make them readable by the user who
initiates the SSH session. In Webistrano's case, it's the web server
user, apache (or www-data on Debian, I think).

It seems like a really bad idea for a user's RSA private key to be
readable by apache. Am I thinking about this the wrong way?

Jonathan Weiss

Apr 20, 2011, 7:52:39 AM
to webis...@googlegroups.com

I would create a special pair of keys only for Webistrano.
Storing the password is not really more secure.
If you want a web application to be able to access a remote system, it
has to have the means to do so.

Jonathan


--
Jonathan Weiss
http://blog.innerewut.de
http://twitter.com/jweiss
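
An added example, not part of either post above: one way to audit a dedicated Webistrano key so that only the web server account can read it and no other account can replace it. The function name `audit_key`, the key path and the key comment are hypothetical, and GNU `stat` (Linux) is assumed.

```shell
#!/bin/sh
# Assumed setup for the dedicated key pair (hypothetical path and comment):
#   ssh-keygen -t rsa -b 4096 -C webistrano-deploy -f /var/lib/webistrano/.ssh/id_rsa_deploy
#   chown www-data: /var/lib/webistrano/.ssh/id_rsa_deploy
#   chmod 600 /var/lib/webistrano/.ssh/id_rsa_deploy
#
# Usage: audit_key /var/lib/webistrano/.ssh/id_rsa_deploy "$(id -u www-data)"
# Prints one finding per line; returns 0 when the key is clean, 1 otherwise.
audit_key() {
    ak_key=$1
    ak_want_uid=$2
    ak_bad=0

    # A symlink or missing file cannot be audited meaningfully.
    if [ -L "$ak_key" ] || [ ! -f "$ak_key" ]; then
        echo "not-regular-file: $ak_key"
        return 1
    fi

    # GNU stat: %a is the octal mode, %u the numeric owner.
    ak_mode=$(stat -c '%a' -- "$ak_key")
    ak_uid=$(stat -c '%u' -- "$ak_key")

    if [ "$ak_uid" != "$ak_want_uid" ]; then
        echo "wrong-owner: uid $ak_uid, expected $ak_want_uid"
        ak_bad=1
    fi

    # Any group/other bit means an account besides the owner can use the key.
    # The OpenSSH client also refuses private keys that others can access.
    if [ $(( 0$ak_mode & 077 )) -ne 0 ]; then
        echo "too-open: mode $ak_mode, expected 600 or 400"
        ak_bad=1
    fi

    # A group/other-writable directory lets another account swap the key file.
    ak_dir=$(dirname -- "$ak_key")
    ak_dmode=$(stat -c '%a' -- "$ak_dir")
    if [ $(( 0$ak_dmode & 022 )) -ne 0 ]; then
        echo "dir-writable: $ak_dir has mode $ak_dmode"
        ak_bad=1
    fi

    return $ak_bad
}
```

The matching public key then goes only into the deploy account's `authorized_keys` on the remote hosts, so revoking Webistrano's access means deleting that one line.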
