begin quoting Dexter Filmore as of Thu, Mar 16, 2006 at 01:20:16AM +0100:
> On Wednesday, 15 March 2006 19:08, Stewart Stremler wrote:
> > begin quoting Dexter Filmore as of Wed, Mar 15, 2006 at 06:46:46PM +0100:
> > > On Saturday, 11 March 2006 00:00, Tracy R Reed wrote:
[snip]
> > > Even better was if ssh sent the public key to that machine and emailed
> > > the admin with a request to allow the key to login.
> > > One would have to code that into ssh of course or similar.
> >
> > Why?
>
> To have an official standard.

I guess I don't see why an official standard is needed for a one-liner.
Plus, I would think that each administrator would have their own set of
standards that they should enforce; an "official standard" would lead to
automatic reactions instead of thinking for three seconds.

I mean, how is ssh going to authenticate you to the remote administrator?
(This is where PKI comes in, I suppose... you and the administrator should
share a common certificate authority, so he can look up/verify your cert.
Do we want to start putting ssh public keys into a PKI framework?)

> > A USB stick is basically just a very long password that you have to keep
> > written down somewhere. Stick your USB stick into an untrusted computer,
> > and your key is compromised, just like a fixed password would be.
>
> If all that can be read is my public key?

So you'd walk up to the administrator and say "I'd like an account on
machine $FOO", hand 'em your company badge and a USB stick? (And, one
hopes, the fingerprint of your key on a sheet of paper.)

It won't help you log in from an arbitrary machine, which is what I thought
you were trying to do. If you're just trying to distribute your public key
so you can access various machines from your primary box, that's different.
A USB stick works fine in that case.

> > Go one step further ... use a smart-card; to communicate with the remote
> > system, the local system streams data to the smart card, and the smart
> > card encrypts/decrypts it. Include a challenge-response mechanism in
> > there as well, and you have something worthwhile. An untrusted computer
> > can't do anything to you after the fact, but only while you're using it.
>
> USB sticks - widespread, can attach to almost any halfway modern computer.
> Smart card reader - about as common as BeOS.

I have one. It doesn't do much. :(

> I agree on your security thoughts, but what good is a key that doesn't fit
> any lock.

Smart cards aren't around because they aren't widely used; but they're
being used in more and more systems. Technology that doesn't _actually_
solve your problem isn't worth much.

> > (Best is a laptop -- you keep your keys, input system, and display system
> > all under *your* control. Trusted endpoints, untrusted network.)
>
> Laptop on my keyring will have me lose my pants a lot in public. Not good. ;)

Isn't that all the rage among kids these days? Besides, a good set of
suspenders will take care of that problem for you. :)

> > > What I would want is a key that not only grants me access to the local
> > > machine but to any machine on the network I'm supposed to have access to.
> >
> > That would be equivalent to having one key to your car, your front door,
> > your side door, your safe, your suitcases, etc.
>
> If that key - and the locks! - are sufficiently secure - alright.

Ah, well, this is where our comfort levels differ. In a corporate
environment especially, one-key-fits-all-locks is a lousy design, despite
being highly desired.

-- 
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
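The "USB stick plus fingerprint on a sheet of paper" hand-off discussed in this thread, as an added Python example that is not part of the original message: the admin side parses the OpenSSH public key line from the stick, computes the same SHA256 fingerprint that `ssh-keygen -lf` prints, and only produces an authorized_keys entry when it matches the fingerprint the user handed over out of band. The key bytes are constructed placeholders, not a real key; the option prefix is an assumed admin policy.

```python
import base64
import hashlib
import hmac
import struct
from typing import Optional, Tuple


def parse_openssh_pubkey(line: str) -> Tuple[str, bytes]:
    """Split an authorized_keys-style line into (key type, raw wire-format key blob)."""
    fields = line.strip().split()
    if len(fields) < 2:
        raise ValueError("malformed public key line")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed string that must repeat the key type.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type field does not match key blob")
    return key_type, blob


def sha256_fingerprint(blob: bytes) -> str:
    """Same format as `ssh-keygen -lf`: SHA256 over the blob, base64 without '=' padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def authorized_keys_entry(line: str, paper_fingerprint: str,
                          options: str = "no-agent-forwarding,no-X11-forwarding") -> Optional[str]:
    """Return the line to append to authorized_keys if the handed-over fingerprint matches, else None."""
    key_type, blob = parse_openssh_pubkey(line)
    actual = sha256_fingerprint(blob)
    # Constant-time compare: the value on paper is what the stick itself cannot vouch for.
    if not hmac.compare_digest(actual.encode(), paper_fingerprint.strip().encode()):
        return None
    parts = line.strip().split(maxsplit=2)
    comment = parts[2] if len(parts) > 2 else ""
    return f"{options} {key_type} {base64.b64encode(blob).decode()} {comment}".rstrip()


# Constructed sample key (NOT a real key): ssh-ed25519 wire format with 32 placeholder bytes.
_PUB = bytes(range(32))
SAMPLE_BLOB = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + _PUB
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " dexter@usb-stick"

if __name__ == "__main__":
    on_paper = sha256_fingerprint(SAMPLE_BLOB)  # what the user hands over on paper
    print(authorized_keys_entry(SAMPLE_LINE, on_paper))            # entry to append
    print(authorized_keys_entry(SAMPLE_LINE, "SHA256:" + "A" * 43))  # None: mismatch
```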
