[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Key management using a USB key

Hi all,

first of all, this might be slightly off-topic for the debian-devel list, but I've got the impression that it's already been solved by some DD's and might prove interesting to others (including non-DD's such as me).

I've been meaning for some time to get a USB key to manage private keys (such as gpg, ssh, etc), but it's not until recently that I tried to sit down and sketch on how to implement it (filesystem layout, functionality, which parts are encrypted and accessed at which points in time etc). It turns out that it was not as obious as I thought.

Things which I've considered so far:

o In order to minimize the exposure of the key, it might be wise to mount the drive, load the keys (ssh,gpg) into the memory of the appropriate agents and then unmount the drive. On the other hand, does this actually provide any extra security as opposed to having the key mounted for the entire session?

o Password entry, it's a hassle to enter 10 different passwords, what would be the best way to reduce the number of password entries? dm-crypt to mount an encrypted file on the USB key and then have the gpg and ssh keys unencrypted within? The login to X/console etc could then maybe be performed using libpam-usb [1] so that only the password for the dm-crypt filesystem is needed?

o Especially on laptops, it might be interesting to also encrypt all of /home and/or other parts of the harddrive to make the data unusuable without the USB key. But how to integrate this with the other requirements?

o Revocation certificates for the gpg keys, are there arguments for/against storing them on the usb key? o Automagic setup. Hopefully, some scripts in conjunction with udev/hotplug/pmount/whatever could make everything "just work" (tm) when the key is inserted.

o USB key removal, how should it be handled if the key is physically removed during a session? Maybe kill the agents and run xscreensaver until the key is reinserted...

o Permissions, how are these handled when the key moves between systems where my userid might differ?

o Other issues?

It would be very interesting to hear how others manage this...

Kind regards,

[1] http://bugs.debian.org/234134

Reply to: