Dr Andrew C Aitchison wrote:
ssh-agent means that although the ssh keys aren't stored on disk they *are* held in memory much of the time. Given that many laptops are suspended and rarely rebooted, do you have a way of ensuring that the machine regularly reconfirms the user's identity ?
Kerberosized ssh. -- Please sign my petition: http://petitions.number10.gov.uk/alcohol-buying/ --------------------------------------------------------- Faye Gibbins, Computing Officer (Infrastructure Services) GeoS KB; Linux, Unix, Security and Networks. Beekeeper - The Apiary Project, KB - www.bees.ed.ac.uk --------------------------------------------------------- I grabbed at spannungsbogen before I knew I wanted it. The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
