Re: [tlug] SSH'ing to home with only port 80

[Shawn <shawn@example.com>]

> Unfortunately, that turns out to be useless---the intruder simply
> sends the intercepted PGP file to the servlet.  A sufficiently dumb
> intruder might not even notice that it was PGPed, yet succeed!
> 
>     Shawn> There are alternatives too.

uuh sorry, 

thinking too quickly -- didn't explain properly

I'd generate a list of passwords so they were disposable.

Each file you sent in could be used just once.

PGPing would just hide the length of the password.

So you'd just write a script to gen passwords, write them to disk where
the server could read it, and on to a disk that you bring to work.  The
servlet could track it and say ok now I need password #23 for instance.

Shawn