Puppet users - Oct 2012 - Storing ssh passphrase

Hello everybody,


There''s a way to asks to user which is the ssh key passphrase ?
I''m
provisioning to a vagrant machine, i''ve copied my ssh keys but
i''m not
allowed to git clone  or do other stuff via puppet because the passphrase 
it''s not "remembered" by the ssh. How you guys handle with
this?


Thank you,


Guilherme 

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/7OtRk0joy-0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

On 01.10.2012 21:37, guilherme reis wrote:
> Hello everybody,
>
>
> There''s a way to asks to user which is the ssh key passphrase ?
I''m
> provisioning to a vagrant machine, i''ve copied my ssh keys but
i''m not
> allowed to git clone  or do other stuff via puppet because the
> passphrase it''s not "remembered" by the ssh. How you
guys handle with this?
>
Storing a program-accessible copy of the passphrase is as secure as a 
unsecured key. Therefore the usual way is to provision a new, 
unencrypted key for each application and apply risk-mitigating 
procedures at the server side (e.g. set command= on the authorized_key).


Best Regards, David

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.