adds bit about cron-jobs and limiting key access with authorized_keys

2019-08-25 14:17:30 +00:00 · 2019-08-25 14:17:30 +00:00 · aaf84a70dc
parent 3833053463
commit aaf84a70dc
1 changed files with 7 additions and 2 deletions
--- a/docs/ed25519.md
+++ b/docs/ed25519.md
@ -38,6 +38,11 @@ Switches:
  organizing specific machine keys not covered in this guide.

 When asked to enter a passphrase, do so. An ssh key without a passphrase is
-completely vulnerable if stolen.
+vulnerable if stolen.

-_[In progress]_
+### Keys used in cron-jobs
+
+Some keys may be used for automated scripts and are not appropriate to
+passphrase. In this case, extra security can be gained by setting
+`authorized_keys` entries to restrict the commands the key is permitted to
+run, down to the command-line arguments.