|
|
|
|
|
|
by macspoofing
2540 days ago
|
|
|
Or you can restrict the file with the key to a specific user and only run the process as that user. The point is, you haven't actually solved the problem. It's not magic. In a 2-system authentication scheme, where headless access is necessary, a key needs to be somewhere in plaintext accessible to the process. You can obfuscate this, or add OS controls, or hardware chips, or ssh-agent, or keystores, or web-services for keys, but it doesn't change this reality. |
|
|