Re: Accounts on debian.org machines

To: debian-devel@lists.debian.org
Subject: Re: Accounts on debian.org machines
From: Niall Young <niall@chime.net.au>
Date: Tue, 9 Dec 2003 10:56:33 +0800 (WST)
Message-id: <[🔎] Pine.LNX.4.40.0312091051150.29816-100000@rave.iinet.net.au>
In-reply-to: <[🔎] E1ATBvB-0007Sg-00@chiark.greenend.org.uk>

On Mon, 8 Dec 2003, Matthew Garrett wrote:

> Steve Langasek wrote:
>
> >But an ssh key on removable media is not vulnerable to keysniffing
> >alone, where a password is.
>
> There's no inherent increase in security from using a key on a
> USB device other than the fact that attackers aren't thinking about that
> yet.

Cryptographic smart cards on a USB token seem like the only secure way
to store keys: http://www.datakey.com/products/smartCards/ikey.shtml

Niall Young                                    Chime Communications Pty Ltd
niall@chime.net.au                            Level 6, 263 Adelaide Terrace
Ph: (+61) 08 9213 1330 / 0408 192 797         Perth, Western Australia 6000

    "I was trying to kill a level 5 lumberjack in the MUD I play"
                                        -- Travis Read, August 2003

Reply to:

References:
- Re: Accounts on debian.org machines
  - From: Matthew Garrett <mgarrett@chiark.greenend.org.uk>

Prev by Date: Re: Backport of the integer overflow in the brk system call
Next by Date: Re: Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries
Previous by thread: Re: Accounts on debian.org machines
Next by thread: Bug#223311: ITP: debsigs-ng -- create and verify signatures on .deb-files
Index(es):
- Date
- Thread