[kwlug-disc] Tightening up SSH

Chris Irwin chris at chrisirwin.ca
Mon Jul 19 23:33:56 EDT 2010


On Mon, 2010-07-19 at 22:55 -0400, unsolicited wrote:
> That implies one is only ever using their own equipment, to hand, to 
> access their systems remotely. Part of the allure of remote access is 
> remote access from anywhere, any time, from any equipment.

I'd just like to point out that if you are using a third-party end
points you are not secure. SSH can only prevent eavesdropping between
endpoints.

That said, has anybody tried the Yubikey? I've been reading about it a
bit. Apparently there is a PAM module. It would provide one-time
passcode functionality for use on non-trusted machines.

http://www.yubico.com/products/yubikey/

-- 
Chris Irwin <chris at chrisirwin.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/attachments/20100719/ad146124/attachment.bin>


More information about the kwlug-disc_kwlug.org mailing list