INTL 3:770/1 3:770/3   
   REPLYADDR cl@isbd.net   
   REPLYTO 3:770/3.0 UUCP   
   MSGID: <9f8p8k-cm4u1.ln1@esprimo.zbmc.eu> b53407b5   
   REPLY:  e9fdea0a   
   PID: SoupGate-Win32 v1.05   
   Scott Alfter  wrote:   
   > In article ,   
   > Pancho   wrote:   
   > >On 30/01/2024 23:16, Scott Alfter wrote:   
   > >> For remote access (to a headless box or otherwise), you should be using   
   > >> key-based authentication anyway and should disable password authentication   
   > >> in sshd.   
   > >   
   > >What is the usuaL set up for a home LAN, one key to rule them all, or a   
   > >key for each machine?   
   >   
   > One key for each host that needs to connect.  That way, if one of your   
   > computers gets stolen or is lost, you can revoke its access.   
   >   
   Which is of course the default setup with ssh.  You generate a key on   
   the client and that client key will get copied to all the systems to   
   which that client wants to connect.   
      
   I (like most ssh users I suspect) only have two ssh client machines,   
   my desktop and my laptop.  They each have thirty or forty remote   
   systems they connect to.  If either got stolen it would be quite a job   
   to remove all the remote keys!   
      
   --   
   Chris Green   
   ·   
      
   --- SoupGate-Win32 v1.05   
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)   
   SEEN-BY: 10/0 1 15/0 90/1 103/705 105/81 106/201 128/260 129/305 135/225   
   SEEN-BY: 153/757 7715 218/0 1 601 700 840 870 930 220/70 221/1 6 226/17   
   SEEN-BY: 226/30 100 227/114 229/110 112 113 200 206 307 317 400 426   
   SEEN-BY: 229/428 470 550 616 664 700 240/1120 266/512 267/800 282/1038   
   SEEN-BY: 291/111 292/854 301/1 113 812 310/31 320/219 322/757 335/364   
   SEEN-BY: 341/66 342/200 396/45 460/58 633/280 712/848 770/1 3 100   
   SEEN-BY: 770/330 340 772/210 220 230 5020/400 1042 5058/104 5075/35   
   PATH: 770/3 1 218/840 221/6 301/1 218/700 229/426