Aren't USB keys using a challenge and response system where the response is only valid when computed with the key. As such the response is accepted only once and is difficult, although possible, for a man in the middle steal and use before the "real" workstation does....
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Julius Szelagiewicz Sent: Monday, September 23, 2002 9:11 AM Cc: LTSP Discuss Subject: Re: [Ltsp-discuss] USB "Keys" LTSP implementation? Jason, i just don't see how usb key can be made secure. to stop sniffing attack, the kernel loaded into terminal would have to be able to encrypt traffic from the keyboard and decrypt traffic from the server. on the other hand, i've seen a little keyboard port dongle that records all the keystrokes .... julius On Mon, 23 Sep 2002, Jason A. Pattie wrote: > Julius Szelagiewicz wrote: > > >Tim, > > LTSP is inherently vulnerable to network sniffing. as long as > >information travels in plain text over the network, it can be easily > >intercepted. the usb keys are fine, but don't offer real security - they > >can be duplicated with ease. Our only home is that Jim McQ. will have > >enough free time to implement fully ssh encrypted workstation - server > > > You would really need to have an IPSec tunnel between the workstations > and the server to incorporate all possible traffic types for the > workstations. If you can get the "key" situation worked out securely, > then you can implement either SSH or IPSec for the workstations. > > >traffic from the moment when login process receives user name. julius > > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.openprojects.net ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.openprojects.net