From owner-freebsd-questions@FreeBSD.ORG Fri Apr 27 11:58:49 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5517116A403 for ; Fri, 27 Apr 2007 11:58:49 +0000 (UTC) (envelope-from schiz0phrenic21@gmail.com) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.235]) by mx1.freebsd.org (Postfix) with ESMTP id F406513C483 for ; Fri, 27 Apr 2007 11:58:48 +0000 (UTC) (envelope-from schiz0phrenic21@gmail.com) Received: by nz-out-0506.google.com with SMTP id s1so409444nze for ; Fri, 27 Apr 2007 04:58:48 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=k4oniSxqNpzVjHXC5lYCl5gnFnG/AMDBNBF83yrlg5MtRdmm2wcVDEVO4SB8WhU6yMQPXKbatX1GnTodK10nz7eT4cnqk5OAUecIeLYcI/2/SAgtCgiECHZ30KnHG1oL7lXzxiyAVCBoemQrvoTRowg3oQpbLUqE8Y4aCtFvIHM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=cIQcW4G6kmzG+OdeWPW3ELN9eccooK7Mv8loVxSQDier9jShdQtKikcggfNmH7wpUQ2M3jZ8h+S4cn4R1gNFgyPdbzDuh6pHWQPoVHUDGvGFSlAbabJyaYY1WD5dERl0CD/Xc8aCnQDw01ScLcnoqMZ0/4ff0e0OEyFJ9uK+Jx0= Received: by 10.115.58.1 with SMTP id l1mr967348wak.1177675128028; Fri, 27 Apr 2007 04:58:48 -0700 (PDT) Received: by 10.114.52.13 with HTTP; Fri, 27 Apr 2007 04:58:47 -0700 (PDT) Message-ID: <8d23ec860704270458n52518c2yf74a49e1b689060f@mail.gmail.com> Date: Fri, 27 Apr 2007 07:58:47 -0400 From: Schiz0 To: "Bill Moran" In-Reply-To: <20070427063744.7639d3e1.wmoran@potentialtech.com> MIME-Version: 1.0 References: <20070415200255.18e6ab3f.wmoran@potentialtech.com> <20070416184315.GA93730@idoru.cepheid.org> <462E7F2A.10202@vindaloo.com> <20070425084454.165dd9d3.wmoran@potentialtech.com> <462F5AA6.1020906@dial.pipex.com> <20070427063744.7639d3e1.wmoran@potentialtech.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Defending against SSH attacks with pf X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2007 11:58:49 -0000 On 4/27/07, Bill Moran wrote: > > In response to Alex Zbyslaw : > > > Bill Moran wrote: > > > > >I'm a big fan of PKI, but PKI suffers from one major problem, and it's > > >the same flaw that physical keys suffer from: you have to have the key > > >with you. > > > > > > > > If I had to use SSH from random locations, I'd get a USB stick that > > attached to a (physical) keyring and just stick it with my (physical) > > keys since I already have to carry those everywhere. The SSH keys > > should be protected by decent passphrases so even losing the USB stick > > isn't the biggest deal. Imation seem to make one that has one of those > > climbing-style buckles: > > > http://www.misco.co.uk/applications/SearchTools/item-details.asp?EdpNo=247840&CatId=322 > > I've considered that, except that my keyring is already too damn big and > bulky. I am curious about the durability of USB jump drives, though. My > keys tend to get thrown around, they get wet, they experience extremes in > temperature. Do you have any experience with how well jump drives hold up > to that kind of torture? > > Despite the fact that it's a good idea, I've simply opted out on it. I've > got a good, long password for my account and when I weighed the risks vs. > the headaches I decided I was probably ok with a good long password. > > Of course, YMMV. > > -- > Bill Moran > http://www.potentialtech.com > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" My flash drive has gone through the washer machine and the only thing that happened was it got a small spot of rust on it. Other than that, it worked fine.