[chef] Re: Re: Re: Re: Re: Re: `knife ssh` to multiple servers with passphrase on key

[Dan Razzell < >]

Workstations are often the weakest link in the security chain.

Considering that you're now using that workstation to remotely administer multiple critical servers, it had better be the strongest link.

On 13-02-22 12:21 PM, Andrea Campi wrote:

" type="cite">

I don't understand. Are you worried that someone is going to hack your workstation, escalate privileges to root and retrieve you SSH keys off of ssh-agent's memory?

Then, sir, you are way more paranoid than I am; and I'm pretty paranoid. Respect :)

On Fri, Feb 22, 2013 at 9:13 PM, Dane Elwell < " target="_blank"> > wrote:

Thanks for the advice guys.

Just in case anyone wants to know how I did it, this worked for me:

    ssh-agent sh -c "ssh-add && knife ssh -p2020 -x root 'name:*' 'ls -a'"

I'll have a look at Keychain as that may be useful, however security
is important so I doubt we would want to keep the key available longer
than necessary!

Dane