Re: transfering files back along an existing connection

[Joe Rhett]

> If you cannot trust the system you are accessing a remote trusted host
> from then you're so totally and completely hosed that you should
> probably just go home and wipe out all your disks.  Have you any idea
> how unscrupulous an untrusted host can be if you're using it to access a
> trusted host?!?!?!?!  You *MUST* trust the client host.  PERIOD.  This

I most certainly must not.

If I am using a one-time hardware-based authentication mechansim, how
exactly would the root user of this untrusted host do anything I wouldn't
like, other than decrypting what I type/read? (we don't do much more than
read mail and update source files)

The people who work remotely are aware that the encryption can be
compromised on the host they are on, and don't do things like copy secret
keys around. The strong authentication prevents another session from being
opened by anyone else then or later. :-)

-- 
Joe Rhett                                                 Systems Engineer
[EMAIL PROTECTED]                                          ISite Services

PGP keys and contact information:          http://www.noc.isite.net/Staff/