top | item 46304342

(no title)

heyitsdaad | 2 months ago

Sorry I’m too paranoid about this stuff.

I couldn’t get past ”Paste the private key file id_ed25519 into the .git directory of your current repo,”

discuss

praash|2 months ago

I stopped worrying after I began protecting all keys with a passphrase.

Then the access of your git repos is protected by a single factor, the private key, since the private key is already in the wild.

Copying a private key on a removable storage or to another device than the device that generated it is never a good idea.

zikduruqe|2 months ago

I protect mine with GPG for SSH authentication.

Ferret7446|2 months ago

The only use of the passphrase is to give you time to rotate out the key after it's been compromised. It's not meant to be your main line of defense