Corporate public key?
Wed Jul 9 04:40:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Those USB keychains are way-cool. I agree this will work, but as others
have pointed out in this forum, plugging a memory stick into a computer
subjects that stick to possible behind-the-scenes copying as well as
logging of one's key-strokes (this would be trivial to accomplish by
anyone with root access). The same root user could log the password in
Perhaps I'm just ultra-paranoid: I just carry around my own laptop
which is convenient enough. I can either jack-in or just connect to our
net via wireless. (Yes, I know 802.11b isn't secure, but I am doing
Heh. Not too long ago we had a consultant in who tried to use a USB
disk keychain on a Dell/Win2KPro. Every time he inserted the keychain
into the USB port, the Dell rebooted. It was hilarious. I think he lost
a good hour downloading drivers, etc. and never did get it to work. So
I plugged it into my iBook and served up the disk for him via Samba. He
was not happy. ;)
On Tuesday, July 8, 2003, at 07:13 PM, Ben Finney wrote:
> I've made the investment of a USB stick with 128MiB flash memory. This
> stores my SSH keys, GPG keys, and tools to use them on various OSen.
> Most places I go will have a USB port available on some machine
> somewhere; I just plug in my memory stick and fire up the SSH client.
> This is not appropriate in all circumstances, but it greatly increases
> the number of places from which I can access my accounts without using
> password authentication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
-----END PGP SIGNATURE-----