[ On Tuesday, February 9, 1999 at 04:10:10 (-0800), Joe Rhett wrote: ]
> Subject: Re: transfering files back along an existing connection
>
> True. But if I use RSA authentication, I am potentially trusting them
> forever. If I use hardware-based one-time passwords then I have a risk of
> session compromise, but I don't incur the risk of sessions being initiated
> after I've left. It minimizes the risk beyond what RSA can provide.
Yes agreed, though ultimately you do have have final control over the
use of RSA for user authentication at the server side. You need not
permit any future connections using a given RSA key pair.
I.e. you can eliminate the risk of RSA private key compromise yourself.
If you don't trust that your personal RSA private key is still private
after you leave the client site then wipe out it's companion on your
server side *before* you close your last SSH connection. Generate a new
one only after you return home.
Indeed a separate one-time-password scheme (i.e. one implemented outside
of SSH, be it S/Key or some hardware based challenge/response system)
will eliminate the issues of poor key management in SSH. I've said this
right from the very beginning. However if it's going to limit your
ability to do what you need to do then you must weigh the costs of the
inconvenience you've complained about vs. the threats you percieve and
decide which you're truly willing to bear. Security is not a "black and
white" issue, no matter how much "Spy vs. Spy" in MADD Magazine might
make it out to be.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
