Date: Wed, 25 Apr 2007 14:41:58 +0100 From: Alex Zbyslaw <xfb52@dial.pipex.com> To: Bill Moran <wmoran@potentialtech.com> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: Defending against SSH attacks with pf Message-ID: <462F5AA6.1020906@dial.pipex.com> In-Reply-To: <20070425084454.165dd9d3.wmoran@potentialtech.com> References: <20070415200255.18e6ab3f.wmoran@potentialtech.com> <20070416184315.GA93730@idoru.cepheid.org> <462E7F2A.10202@vindaloo.com> <20070425084454.165dd9d3.wmoran@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Bill Moran wrote: >I'm a big fan of PKI, but PKI suffers from one major problem, and it's >the same flaw that physical keys suffer from: you have to have the key >with you. > > If I had to use SSH from random locations, I'd get a USB stick that attached to a (physical) keyring and just stick it with my (physical) keys since I already have to carry those everywhere. The SSH keys should be protected by decent passphrases so even losing the USB stick isn't the biggest deal. Imation seem to make one that has one of those climbing-style buckles: http://www.misco.co.uk/applications/SearchTools/item-details.asp?EdpNo=247840&CatId=322 Probably you could fit the install file for PuTTY on there too, in case you had to use from a primitive windows environment. --Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?462F5AA6.1020906>