
Re: Key management using a USB key



An arguably more secure approach would be to use a cryptographic smart
card in a usb key form factor with OpenSC. Unfortunately integration
with ssh and gpg is lacking at this point, but I hope to be able to do
something about that post-sarge (ssh has support but doesn't compile
it in, and gnupg support will come with gnupg 2.0).

* David Härdeman (david@2gen.com) wrote:
> Hi all,
> 
> first of all, this might be slightly off-topic for the debian-devel 
> list, but I've got the impression that it's already been solved by some 
> DD's and might prove interesting to others (including non-DD's such as 
> me).
> 
> I've been meaning for some time to get a USB key to manage private keys  
> (such as gpg, ssh, etc), but it's not until recently that I tried to sit 
> down and sketch on how to implement it (filesystem layout, 
> functionality, which parts are encrypted and accessed at which points in 
> time etc). It turns out that it was not as obvious as I thought.
> 
> Things which I've considered so far:
> 
> o In order to minimize the exposure of the key, it might be wise to 
>  mount the drive, load the keys (ssh,gpg) into the memory of the 
>  appropriate agents and then unmount the drive. On the other hand, does 
>  this actually provide any extra security as opposed to having the key 
>  mounted for the entire session?
> 
> o Password entry, it's a hassle to enter 10 different passwords, what 
>  would be the best way to reduce the number of password entries? dm-crypt 
>  to mount an encrypted file on the USB key and then have the gpg and ssh 
>  keys unencrypted within? The login to X/console etc could then maybe be 
>  performed using libpam-usb [1] so that only the password for the 
>  dm-crypt filesystem is needed?
> 
> o Especially on laptops, it might be interesting to also encrypt all of 
>  /home and/or other parts of the harddrive to make the data unusable 
>  without the USB key. But how to integrate this with the other 
>  requirements?
> 
> o Revocation certificates for the gpg keys, are there arguments 
>  for/against storing them on the usb key? 
> 
> o Automagic setup. Hopefully, some scripts in conjunction with 
>  udev/hotplug/pmount/whatever could make everything "just work" (tm) when 
>  the key is inserted.
> 
> o USB key removal, how should it be handled if the key is physically 
>  removed during a session? Maybe kill the agents and run xscreensaver 
>  until the key is reinserted...
> 
> o Permissions, how are these handled when the key moves between systems 
>  where my userid might differ?
> 
> o Other issues?
> 
> It would be very interesting to hear how others manage this...
> 
> Kind regards,
> David
> 
> 
> [1] http://bugs.debian.org/234134
> 
> 

-- 
Eric Dorland <eric.dorland@mail.mcgill.ca>
ICQ: #61138586, Jabber: hooty@jabber.com
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
------END GEEK CODE BLOCK------
