On Sun, Dec 07, 2003 at 09:27:53PM +0100, Tollef Fog Heen wrote:
> * Matt Zimmerman
>
> | (Please follow up on a public list)
>
> done, -devel has M-F-T set to.
>
> | On Sun, Dec 07, 2003 at 06:26:48PM +0100, Tollef Fog Heen wrote:
> |
> | > * Matt Zimmerman
> | >
> | > | You would type a Debian password into a system that you do not trust
> | > | with an ssh private key?
> | >
> | > Yes, since I don't want to keep a key on them, since they are not
> | > secure over time. They are most likely secure when I'm sitting at the
> | > console. See above for an example: I don't trust that anything I put
> | > permanently on the hard drive won't be compromised, however, I don't
> | > think the box itself has any trojans or keysniffers installed.
> |
> | This doesn't make sense to me; if the system is not trustworthy, then you
> | should not trust it with any authentication data, whether passwords or ssh
> | keys.
>
> You are forgetting the temporal aspect here. A machine may be viewed
> as fairly safe when I have physical control of it. That does not mean
> that the machine is safe always, which is the case for, say my
> father's windows 2000 laptop when it's only connected to a NAT-ed
> internet connection.

But an ssh key on removable media is not vulnerable to keysniffing alone,
where a password is.

-- 
Steve Langasek
postmodern programmer