On Friday, 20-12-2024 at 14:22 Max Nikulin wrote:
> On 19/12/2024 15:56, Chris Green wrote:
> > Horses for courses, I enter login passwords/passphrases quite frequently
> > (lots of
> > different systems that I ssh to) long, unmemorable, passwords would be
> > useless.
>
> Generate a private key and add its public counterpart to
> ~/.ssh/authorized_keys on remote machines. Locally running ssh-agent
> allows to authenticate on remote machines without typing the pass phrase
> for the private key for each connection. It is more secure than
> passwords against brute force attacks.
>
> (You may have more than one private key and may configure ssh to use
> some key for specific set of servers.)
>
>
Another method for remote server management can be provided by Ansible and
Ansible vault.
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html
https://docs.ansible.com/ansible/latest/vault_guide/index.html
George.
