Your SSH Keys Are Naked and It's Your Fault
I’ve been SSHing into production boxes since before most junior devs were born. In that time, I’ve seen the same sins repeated across every generation of sysadmins: naked private keys sitting in ~/.ssh with no passphrase, copy-pasted across laptops, synced to Dropbox (yes, really), and generally treated with the same care as a grocery list. If your SSH private key doesn’t have a passphrase on it right now, you’re one stolen laptop away from a very bad day. ...