[ On Thursday, February 11, 1999 at 11:39:47 (+0100), Peter Svensson wrote: ]
> Subject: Re: transfering files back along an existing connection
>
> An example of such a system is one which requires authentication of _all_
> your actions through a trusted device. This in effect moves the terminal
> client to the trusted device.
No, it does not.
You say you are talking about keys and authentication schemes, but then
you say that you don't trust the computing device on which the SSH
client software runs. These are two entirely different and separate
things.
SSH only eliminates the need to trust the wires *between* the computers.
The computers themselves, both the client and the server, are still part
of the trusted computing base and no amount of divorcing the
authentication schemes from the computing devices can change this.
This is a *VERY* critical issue for SSH users to understand. You cannot
safely walk up to your mortal enemy's computer (or any other un-trusted
computer) and use it to open an SSH connection into your secure network
no matter how careful you are to do all the actual authentication on a
separate disconnected hardware device, or how unique your one-time
password is.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
