Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] bootable linux with sshd



On Wed, 3 Jan 2007, Fergal Daly wrote:

Someone with access to my hardware could key-sniff my ssh passphrase
and sudo password.

Not necessarially. Sniffing that stuff would require a different sort of access, a different level of expertise, and possibly different equipment from what's necessary merely to copy a file from the disk.

That entails a different sort of access than simply
copying a file from the disk.

I am not defending myself against this attack.

That's not really relevant. The question is: what attacks are you defending against, is a defense that requires access to one of your computers holding the private key going to put a significant barrier in the way of at least some of your potential attackers, and what will it cost you to implement this defense?

That last bit is the key, really; what I'm saying here is that it looks
to me as if it's so cheap that it's well worth doing, and you're saying
that it's expensive enough that it's not worth it.

cjs
--
Curt Sampson       <cjs@example.com>        +81 90 7737 2974


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links