Merge pull request 'Use `-C' to prevent information leaks' (#2) from styan/docs:ssh-keygen-comment into master

Fantastic advice.
This commit is contained in:
James Tomasino 2020-06-10 20:20:21 -04:00
commit add7dbb4f0
1 changed files with 3 additions and 1 deletions

View File

@ -23,7 +23,7 @@ Ed25519 is the best recommendation in 2019.
## Generate an Ed25519 key
ssh-keygen -a 100 -t ed25519 -f ~/.ssh/id_ed25519
ssh-keygen -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C ''
Switches:
@ -36,6 +36,8 @@ Switches:
discovered automatically by the SSH agent, it must be stored in the default
`.ssh` directory within your home directory. There are other strategies for
organizing specific machine keys not covered in this guide.
- **-C:** Sets the comment. If left unset the comment can leak your local
username.
When asked to enter a passphrase, do so. An ssh key without a passphrase is
vulnerable if stolen.