This is why I keep my ssh credentials on a flash drive and add it to ssh agent for time limited periods. Adds some insulation.
SSH keys should always have paraphrases.
At the very least keys without passphrases (such as for automated tasks) should restrict what commands can be run, should not give access to an interactive shell, and should go to a very specific user with as little file system access as is necessary to do the task. If an automated ssh task is giving access to the places you put your private keys and bash history, you're probably doing something very wrong.
Cybersecurity
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world