
Re: Debian Investigation Report after Server Compromises



On Wed, Dec 03, 2003 at 05:52:30PM -0800, Vineet Kumar wrote:

> I'm considering keeping my private keys (ssh, gpg, etc) on removable
> storage, maybe one of those USB keys (then my keys could actually go on
> my keyring...).  It's certainly not foolproof, but at least a sniffed
> passphrase could only be used against me when the key is inserted,
> which at least slightly reduces the possibility of a private key being
> compromised.

If the system is rooted, it would be trivial to write a replacement
for ssh (GPG, etc.) that copies your private keys onto the hard drive
for later retrieval.  Definition of "trivial" is: I, a bad
programmer, could do it.
-- 
Carl Fink             carl@fink.to        
Jabootu's Minister of Proofreading
http://www.jabootu.com


