[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] The danger of SSH keys..

To: danaq@pobox.com
Subject: Re: [SAGE] The danger of SSH keys..
From: "Meenoo Shivdasani" <meenoo@gmail.com>
Date: Mon, 22 Jan 2007 11:47:39 -0500
Cc: sage-members@usenix.org
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=H391bLNQoWK3dGSaZhcb0t8hGDtMnwxh/ELbymren6RmcDTTkjENGKcMVn8nJS6HMI14pwMyKhUYpaiv488te8XUAh4Xu6HfRulUf8fu8nutlnnpxzD4JjU+eMHGrR4RPZzQgbAFTpcb6OaTyJsnmJtr3a22fBNNXEXrdKkCwdA=
In-Reply-To: <d6bfee120701220811n6bca9890h25c2175b8340fd32@mail.gmail.com>
References: <410572049.20070122085528@puryear-it.com> <d6bfee120701220811n6bca9890h25c2175b8340fd32@mail.gmail.com>
Sender: owner-sage-members@usenix.org

On 1/22/07, Dana Quinn <dquinn@gmail.com> wrote:
> Make it so people only have access to a keygen binary that requires a
> password.  I'm aware of a large company that does this fairly
> successfully.  Could get unwieldy as you need to cover all the

What stops someone from taking a key generated with that binary,
importing into another key management tool, removing the keyphrase,
and saving it back out?

M

Follow-Ups:
- Re: [SAGE] The danger of SSH keys..
  - From: "Dana Quinn" <dquinn@gmail.com>

References:
- [SAGE] The danger of SSH keys..
  - From: "Dustin Puryear" <dustin@puryear-it.com>
- Re: [SAGE] The danger of SSH keys..
  - From: "Dana Quinn" <dquinn@gmail.com>

Prev by Date: Re: [SAGE] The danger of SSH keys..
Next by Date: Re: [SAGE] The danger of SSH keys..
Prev by thread: Re: [SAGE] The danger of SSH keys..
Next by thread: Re: [SAGE] The danger of SSH keys..
Index(es):
- Date
- Thread