More talk of SSH keys, a reply
I did not know that my post on SSH keys would create such a long thread, but here we are.
Talking about SSH
I think it's great honestly, as mentioned I do enjoy the debate and to get input drom others.
connect to your SCM then you'd create a brand new key.
I like the idea of one use, but when I look at it, at face value, I have some questions.
What does it actually accomplish? If we assume a bad actor got onto your device, they managed to get your passphrase as well. In what scenario would the bad actor not have the passphrase for the second key as well?
This is asked from a perspective of whether one key is fine or multiple keys are more secure.
The secret SSH-agent debacle
I stopped using SSH-agent around the same time I stopped using connection hopping. I my opinion both leads to bad SSH hygiene and SSH-agent creates ans attack vector.
It doesn't mean it's bad or useless, the main reason I stopped using it, was actually because Wayland made it too annoying to deal with and then I just never went back.
A short update on being exhausted
I got some sort of bug, that pretty much have disabled my powerplant, making for a sluggish meat suit, the skeleton is annoyed and so is the brainpilot.
The next two weeks of grueling work to turn my life simpler, seems insurmountable now, but it doesn't matter, the clock is ticking.
At the end of it, I will be exhausted, but happy I got it done. Having to just deal with rent and utilities for a while, will be nice.
Created 2024-10-08 - Updated 2024-10-09
Source