It has been a little while since I had my key on my USB thumbdrive, but if I recall correctly I had to copy it there manually, because SSH doesn't trust it. Once it is in place though, I was able to use it without difficulty, even though the permissions were too loose. To be fair, I was using the key with PuTTY on Windows, not on a UNIX box, so that might be a problem. On 30 March 2015 at 11:24, Giles Orr <gilesorr@gmail.com> wrote:
I'd like to keep an SSH key on a USB stick rather than storing it locally on every machine I want to use the key on. The theory is that this is "more secure" for laptops that could be stolen or lost, or used by others (ie. at work). The problem is that when I run "ssh-add /media/stick/my_dsa" ssh refuses to use the key because the security permissions are too liberal. As you can probably guess, this is because the USB key is formatted as vfat and I'm trying to use the key on a Unix system - the problem was actually encountered on a Mac laptop, I'm assuming the behaviour would be the same with a Linux machine - even if it's not, I need a solution for the Mac. vfat doesn't support per-user permissions, and so the stick is mounted such that all files have 777 perms.
I did some research which told me there's no way to tell ssh to ignore the perms error. I've seen a variety of solutions for this, but none are simple. I don't want to make a local copy of the key every time I have to add it. I don't want to have a separate ext4 partition on the key - not only is that awkward, but the ownership of the key is going to be a problem given that the UID of my user on the Mac won't be the same as it is on Linux machines (and may not even be the same on all my Linux machines, although I've tried to make that so). Has anyone found an elegant/simple solution for this?
-- Giles http://www.gilesorr.com/ gilesorr@gmail.com --- Talk Mailing List talk@gtalug.org http://gtalug.org/mailman/listinfo/talk