I am planning my next video about duplicacy on YouTube.
I want to show a secure authentication method for offsite (cloud) storage.
I guess sftp key exchange would do a good job here.
Nevertheless, I have some questions:
- I couldn’t find an option to hand over the private key password to duplicacy. Is my assumption correct that I have to leave the private key file unencrypted to make a non-interactive backup possible?
- Which parameters for ssh-keygen guarantee “state of the art” security?
- Should the generated key pair be used exclusively for duplicacy?
- Where is a good place to store the ssh certificate?
- Why is it safer to use certificates instead of password authentication?
- Any other ideas which would make the backup procedure secure?