Security concerns of displaying ssh private key

ssh bash security private-key

Solution 1:

If you did this in private, there's no problem. Think about it – you only displayed on screen the exact same data that is already stored on your harddisk anyway. And if anyone could access your scrollback or your history, they could just as well read the id_rsa file directly.

  • Besides, your shell's history – even if it was readable to other users (which it isn't) – only contains commands, not their output. So all it'll have is a line with cat ~/.ssh/id_rsa in it.

  • The scrollback history, for most terminals, is stored entirely in memory. (libvte-based terminals sometimes use a backing file in /tmp, but that's either a tmpfs or is located in the same disk as your ~/.ssh, anyway...) So it becomes irrelevant once you close the terminal. And either way it is only accessible to you, of course.

  • And very often, the private key itself is encrypted with a passphrase and is unusable unless you decrypt it when ssh asks to.

Unless, of course, you did this in the presence of high-resolution security cameras, or even outright allowed someone to snap a photo of your terminal window. In that case, someone could retype the key from photos, and the only thing protecting it would be the encryption passphrase.

Related

how to clear all session on byobu
What is a u-Boot dtb file and how do I use it (BeagleBoard xM)?
Python ./configure does not find g++ compiler
See if Mac OS X has enabled hyperthreading?
How can I get the unix group name based on the group id?
SSH Agent loses identity while restart machine
How do I list all installed packages from the command line in bash / osX
How many hours the PC has worked
tmux 2.0 on OSX: ~/.tmux.conf doesn't work
Remove Chrome's Most Visited Icon on Taskbar (not the tabs)
What keyboard shortcut opens the Windows 10 Action Center?
Expand a Linux MD RAID 10 array to use larger disks