GnuPG in universities

Werner Koch wk@gnupg.org
Mon Jun 11 09:15:02 2001


 || On Sun, 10 Jun 2001 17:10:33 -0500
 || David Champion <dgc@uchicago.edu> wrote: 

 dc> this pass is significantly different for me, largely because of the
 dc> inclusion of SSH.

Well, I was thinking of someone using ssh on an untrusted box to login
to his home box to use gpg there (a gpg which is used to represent
himself).  I think we all agree that this is a bad idea, unless you
use OTP to login, have no passphrase on your secring and watch out for
unexpected errors.

 dc> In principle: SSH is still better than telnet or rlogin, even if you
 dc> can't trust the keys.  You just have to know what your keys are worth,

You should always know what you are doing.  I have so often noticed
people saying yes to the notice about a changed host key, that I am
not sure that everyone knows what he is doing.  2 features I'd like to
see in ssh are:

   * a notice on how to check the fingerprint of a key.  It is not
     easy for the newbie to figure out that he has to use ssh-keygen
     to display the fingerprint.  An extra tool with an included grep
     like facility to select the key could do a better job.

   * A way to flag keys in known_hosts with a trust parameter, so that
     you can check later how much trust you have put into this key
     (whether you checked the fingerprint over second channel or just
     assumed everything is okay).  I have quite a couple of host and
     some are more trustworthy than others.

 dc> The matter at hand: Of course, I wouldn't use gpg the way this poster
 dc> is asking, anyway. :)

Yes, this "shared computer pool" panicked me somewhat.  

Ciao,

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus