Re: Key management using a USB key
On Mon, 7 Mar 2005 21:52:31 -0800, Steve Langasek <firstname.lastname@example.org>
>On Tue, Mar 08, 2005 at 12:46:59AM -0500, sean finney wrote:
>> On Tue, Mar 08, 2005 at 12:46:46AM +0100, David Härdeman wrote:
>> > o In order to minimize the exposure of the key, it might be wise to
>> > mount the drive, load the keys (ssh,gpg) into the memory of the
>> > appropriate agents and then unmount the drive. On the other hand, does
>> > this actually provide any extra security as opposed to having the key
>> > mounted for the entire session?
>> i have a usb/hotplug/ssh-add script that loads an ssh key off of a usb
>> stick, and removes it when the usb stick is removed. if you're
>> interested i can send you a copy off-list.
>Any reason not to post it on-list? I was hoping to improve the
>security/usability of my own setup based on the best practices offered up in
>reply to this thread.
I would suggest putting the script in the Debian wiki.
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834