> To do it properly, you'd have to make 100% sure your > system isn't compromised in anyway, or the keys you get > are useless. Install a new box from known clean media > (vendor-supplied, not "someone burnt it for me") while not > having a network connection, create a key pair, and store > that on floppy, better on a CD, or both. This gives you > good keys, but doesn't help much on a compromised system. > Good luck :)
I just d/l'ed IPCop which I'm going to install on a spare box - I'm finally getting round to using a serious firewall. I expect this to be a nice secure box, but it won't have gui on it. I'll dig around for cli keypair generator. I'd expect IPCop to come with one. Yuri
