Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 9 Feb 2009 13:53:47 -0800 (PST)
From:      Jason Stone <freebsd-security@dfmm.org>
To:        Lyndon Nerenberg <lyndon@orthanc.ca>
Cc:        freebsd-security@freebsd.org, Daniel Roethlisberger <daniel@roe.ch>
Subject:   Re: OPIE considered insecure
Message-ID:  <20090209134738.G15166@treehorn.dfmm.org>
In-Reply-To: <alpine.BSF.2.00.0902091246280.61088@mm.orthanc.ca>
References:  <200902090957.27318.mail@maxlor.com> <20090209170550.GA60223@hobbes.ustdmz.roe.ch> <alpine.BSF.2.00.0902091246280.61088@mm.orthanc.ca>

next in thread | previous in thread | raw e-mail | index | archive | help

>> I also prefer current OPIE to copying SSH private keys to untrusted 
>> machines.

> The machine you are logging IN TO does not require your private key, 
> just your public key.

Right, but that's not the problem they're trying to solve.  They're trying 
to solve the problem of logging in _from_ an untrusted machine, to a 
trusted machine.

So, an alternative might be to carry around a USB key with a one-time 
private key, different from your normal private keys, and have the public 
key command-squashed on the server to remove itself from authorized_keys 
before running the shell.

You could generate several, each with a different passphrase (assuming 
that you could manage to remember that many passphrases and which keys 
they go with), and get a similar effect to printing out a card with the 
next ten OPIE passwords.


   -Jason




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090209134738.G15166>