[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Key management using a USB key

On Mon, 7 Mar 2005 21:52:31 -0800, Steve Langasek <vorlon@debian.org>
>On Tue, Mar 08, 2005 at 12:46:59AM -0500, sean finney wrote:
>> On Tue, Mar 08, 2005 at 12:46:46AM +0100, David Härdeman wrote:
>> > o In order to minimize the exposure of the key, it might be wise to 
>> >  mount the drive, load the keys (ssh,gpg) into the memory of the 
>> >  appropriate agents and then unmount the drive. On the other hand, does 
>> >  this actually provide any extra security as opposed to having the key 
>> >  mounted for the entire session?
>> i have a usb/hotplug/ssh-add script that loads an ssh key off of a usb
>> stick, and removes it when the usb stick is removed.  if you're
>> interested i can send you a copy off-list.
>Any reason not to post it on-list?  I was hoping to improve the
>security/usability of my own setup based on the best practices offered up in
>reply to this thread.

I would suggest putting the script in the Debian wiki.


-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Reply to: