Date: Tue, 19 Mar 2002 15:19:52 -0500 From: Tom Rhodes <darklogik@pittgoth.com> To: Alfred Perlstein <bright@mu.org> Cc: Chris Johnson <cjohnson@palomine.net>, security@FreeBSD.ORG Subject: Re: Safe SSH logins from public, untrusted Windows computers Message-ID: <3C979D68.5060609@pittgoth.com> References: <20020319144538.A42969@palomine.net> <20020319195119.GI455@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Alfred Perlstein wrote: > * Chris Johnson <cjohnson@palomine.net> [020319 11:45] wrote: > [snip] > >>Does anyone have any comments, or does anyone have a better idea? >> > > Once you load the key onto the machine and type your passphrase in you've > done as good as just typing your password into it. > > Don't use untrusted machines or get something like secure-ID that > does one-time passwords. Even with one time passwords you never know > if someone with control over the machine is sitting there waiting for > you to grab a cup of coffee in order to take control of your session > and do nasties. :( don't drink coffee, or logout before getting the coffee, or just bring it to the system with you ;) > > So I guess it boils down to: > "Don't use untrusted machines." > > Thats a good idea though ;) -- Tom (Darklogik) Rhodes www.Pittgoth.com Gothic Liberation Front www.FreeBSD.org The Power To Serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C979D68.5060609>