Re: Debian Investigation Report after Server Compromises
On Wed, Dec 03, 2003 at 05:52:30PM -0800, Vineet Kumar wrote:
> I'm considering keeping my private keys (ssh, gpg, etc) on removable
> storage, maybe one of those USB keys (then my keys could actually go on
> my keyring...). It's certainly not foolproof, but at least a sniffed
> passphrase could only be used against me when the key is inserted,
> which at least slightly reduces the possibility of a private key being
> compromised.
If the system is rooted, it would be trivial to write a replacement
for ssh (GPG, etc.) that copies your private keys onto the hard drive
for later retrieval. Definition of "trivial" is: I, a bad
programmer, could do it.
--
Carl Fink carl@fink.to
Jabootu's Minister of Proofreading
http://www.jabootu.com