Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> …SSH keys in ~/.ssh are also plain text.

What? Mine aren't, nor have they ever been…

If you are storing ssh private keys on disk without a password you are doing something wrong.




If someone can read the files in .ssh, chances are they can also add an alias to the ssh command that steals your passphrase. As for the "stolen laptop" scenario, whole disk encryption is preferable.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: