SSH key with passphrase

So this seems like a pretty severe security weakness… that in order to use sftp with public key authentication, you have to have a private key file laying around on your file system, that is not password protected.

Yes you could use ssh agent forwarding, but on Windows at least, I dunno how well that works with Pageant if running Duplicacy as a service.

But is the above quote still valid? A cursory look at the source indicates the key file is unlocked with ParsePrivateKey(). However, there now(?) seems to be a corresponding function ParsePrivateKeyWithPassphrase(). Is this enough to get our keys secured a bit better?

2 Likes

I actually added the passphrase support in my branch a few weeks ago, but didn’t pushed out the commit to github until now.

So this will be included in the next update.

5 Likes

This is fantastic! Thanks for this update, I’ll build it later today and try it out…

This topic was automatically closed after 14 days. New replies are no longer allowed.