Recently, a developer proposed storing SSH private keys directly in the .git directory of a Git repository to achieve USB portability. This method claims to enable seamless migration of Git repositories between different devices without reconfiguring SSH keys. However, this suggestion has sparked intense security controversy within the developer community. Multiple security experts warn that storing private keys on removable devices poses significant security risks—if the USB device is lost or stolen, attackers could gain complete access to the Git repository. Comments provided various more secure alternatives, including using secure enclaves, adding password protection to keys, configuring multiple SSH keys, and using SSH configuration files. Although this solution does address the convenience of using Git repositories across multiple devices, developers generally agree that its security risks far outweigh its convenience benefits.
Original Link:Hacker News
最新评论
I don't think the title of your article matches the content lol. Just kidding, mainly because I had some doubts after reading the article.
这个AI状态研究很深入,数据量也很大,很有参考价值。
我偶尔阅读 这个旅游网站。激励人心查看路线。
文章内容很有深度,AI模型的发展趋势值得关注。
内容丰富,对未来趋势分析得挺到位的。
Thank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
光纤技术真厉害,文章解析得挺透彻的。
文章内容很实用,想了解更多相关技巧。