> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > On Behalf Of Yves Dorfsman > > Once the key pair is written to a file, it makes it very easy to be > compromised: physical access to a laptop, network hack to any place where > that > file is (the laptop, backups, possibly a USB key)... This looks like a huge > exposure that is difficult to close. Anybody run into a similar situation? How > do you make it more secure?
The easiest and best thing to do for several reasons, is to make sure all your laptops run whole disk encryption. This provides a lot of protection, not just for your ssh keyfiles, but all kinds of other stuff, and you can centrally administer and monitor, and deploy via policy. In addition to (or instead of) whole disk encryption, optionally, when you give the ssh keyfile to a user, you make them save it to disk with their own secret password. (For example, in puttygen, you import the keyfile, then you enter a password, and export again.) You can do the same thing with ssh-keygen (I've done it before) but I don't remember the details, so you'd have to consult the man page. If you do the latter option, you will not have any ability to enforce a policy, or monitor, or check password complexity, or anything. Also, depending on how/if ssh-keygen or puttygen introduces a workfactor (I don't know how/if they do) you could be subject to offline brute force password attacks anyway. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
