Keychain 2.5.4.1 review
DownloadThe keychain script makes handling RSA and DSA keys both convenient and secure
|
|
The keychain script makes handling RSA and DSA keys both convenient and secure.
Many of us use the excellent OpenSSH as a secure, encrypted replacement for the venerable telnet and rsh commands. One of OpenSSH's (and the commercial SSH2's) intriguing features is its ability to authenticate users using the RSA and DSA authentication protocols, which are based upon a pair of complementary numerical "keys". And one of the main appeals of RSA and DSA authentication is the promise of being able to establish connections to remote systems without supplying a password.
The keychain script makes handling RSA and DSA keys both convenient and secure. It acts as a front-end to ssh-agent, allowing you to easily have one long-running ssh-agent process per system, rather than per login session. This dramatically reduces the number of times you need to enter your passphrase from once per new login session to once every time your local machine is rebooted.
Keychain was first introduced in a series of IBM developerWorks articles. The first article introduces the concepts behind RSA/DSA key authentication and shows you how to set up primitive (with passphrase) RSA/DSA authentication. The second article shows you how to use keychain to set up secure, passwordless ssh access in an extremely convenient way. keychain also provides a clean, secure way for cron jobs to take advantage of RSA/DSA keys without having to use insecure unencrypted private keys. The third article shows you how to use ssh-agent for authentication forwarding mechanism.
Current versions of keychain are known to run on Linux, BSD, Cygwin, Tru64 UNIX, HP-UX, Mac OS X, and Solaris using whatever variant of Bourne shell you have available.
What's New in This Release:
Keychain 2.5.4.1 fixes a minor bug introduced in 2.5.4 that resulted in always
exiting with non-zero status.
Keychain 2.5.4.1 keywords