Date: Tue, 19 Mar 2002 14:58:45 -0500 From: Mike Tancsa <mike@sentex.net> To: Alfred Perlstein <bright@mu.org> Cc: security@FreeBSD.ORG Subject: Re: Safe SSH logins from public, untrusted Windows computers Message-ID: <5.1.0.14.0.20020319144819.022aba50@marble.sentex.ca> In-Reply-To: <20020319195119.GI455@elvis.mu.org> References: <20020319144538.A42969@palomine.net> <20020319144538.A42969@palomine.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:51 AM 3/19/02 -0800, Alfred Perlstein wrote: >Once you load the key onto the machine and type your passphrase in you've >done as good as just typing your password into it. > >Don't use untrusted machines or get something like secure-ID that >does one-time passwords. Are there such products that work with FreeBSD ? (e.g. some keychain token generator) CryptoCard and the RSALabs one only seem to work with LINUX/Windows. > Even with one time passwords you never know >if someone with control over the machine is sitting there waiting for >you to grab a cup of coffee in order to take control of your session >and do nasties. :( > >So I guess it boils down to: > "Don't use untrusted machines." Ideally yes. But how can one best limit that risk. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020319144819.022aba50>