I’m a bit paranoid when it comes to security. For example, I don’t allow passwords to log into my computers via SSH but use RSA keys instead. Besides added security (there is no password to guess), it has a lot of other advantages as well. I normally run an ssh-agent (both on linux and Windows) which caches my credentials so I can log in without password.

On my desktop system, this was automatically secure against theft. Since the key is stored in RAM (or encrypted swap), it is flushed the moment the computer looses power. Since it was a desktop system, it’s fairly safe to assume that the power will be cut when someone steels my computer.

On my new MacBook Pro, things are a bit different: most of the time, my notebook is in standby and has an integrated UPS (its battery). So I was looking for something to get me the same security.

Surfing around got me to this very interesting page describing the integration of an ssh-agent into Leopard. I must admit that I was fairly impressed: It automatically starts ssh-agent on-demand and reads in all identities using the standard Mac KeyChains. One thing however was missing: removing the keys when the notebook enters standby.

The follow-up article mentions one way to do it, but I found that SleepWatcher is a much more versatile way to do this. SleepWatcher can do other things as well, like unmounting (ejecting) external drives when going to sleep, remounting them when waking up again.

One Comment

  1. Long-term Memory » Blog Archive » Useful things to do with Bluetooth says:

    […] combined these scripts with the ones that I use when the MacBook goes to sleep and wakes up. I added “killall Proximity” to the sleep-script and “open […]