Date: Tue, 19 Mar 2002 14:58:45 -0500 From: Mike Tancsa <mike@sentex.net> To: Alfred Perlstein <bright@mu.org> Cc: security@FreeBSD.ORG Subject: Re: Safe SSH logins from public, untrusted Windows computers Message-ID: <5.1.0.14.0.20020319144819.022aba50@marble.sentex.ca> In-Reply-To: <20020319195119.GI455@elvis.mu.org> References: <20020319144538.A42969@palomine.net> <20020319144538.A42969@palomine.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:51 AM 3/19/02 -0800, Alfred Perlstein wrote:
>Once you load the key onto the machine and type your passphrase in you've
>done as good as just typing your password into it.
>
>Don't use untrusted machines or get something like secure-ID that
>does one-time passwords.
Are there such products that work with FreeBSD ? (e.g. some keychain token
generator) CryptoCard and the RSALabs one only seem to work with
LINUX/Windows.
> Even with one time passwords you never know
>if someone with control over the machine is sitting there waiting for
>you to grab a cup of coffee in order to take control of your session
>and do nasties. :(
>
>So I guess it boils down to:
> "Don't use untrusted machines."
Ideally yes. But how can one best limit that risk.
---Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020319144819.022aba50>