Mailing List Archive

   tlug.jp -> Mailing List -> tlug archive -> tlug Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] bootable linux with sshd

On Wed, 3 Jan 2007, Fergal Daly wrote:

Someone with access to my hardware could key-sniff my ssh passphrase
and sudo password.


Not necessarially. Sniffing that stuff would require a different sort of
access, a different level of expertise, and possibly different equipment
from what's necessary merely to copy a file from the disk.

That entails a different sort of access than simply
copying a file from the disk.

I am not defending myself against this attack. 

That's not really relevant. The question is: what attacks are you
defending against, is a defense that requires access to one of your
computers holding the private key going to put a significant barrier in
the way of at least some of your potential attackers, and what will it
cost you to implement this defense?

That last bit is the key, really; what I'm saying here is that it looks
to me as if it's so cheap that it's well worth doing, and you're saying
that it's expensive enough that it's not worth it.

cjs
--
Curt Sampson       <cjs@example.com>        +81 90 7737 2974

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links