Right now when I generate a CSR, the procedure goes something like this:
- Generate .key with a password
- Use the .key to generate .csr
- Remove the password from .key file
Is having the password on there while I generate the CSR any better than initially generating the CSR using a .key without a password?
If it's not better, what is the point of putting a password on the .key? Is this something that only applies when there are multiple users on the system? (I am the only ssh user)