Safe SSH logins from public, untrusted Windows computers
From: Chris Johnson (cjohnson@palomine.net)
Date: 03/19/02
- Next message: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Previous message: Geminai International Travels: "ข่าวดี วันสงกรานต์ [virus free]"
- Next in thread: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Laurence Berland: "RE: Safe SSH logins from public, untrusted Windows computers"
- Reply: Mitch Collinsworth: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Richard Ward: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Brad Jones: "Re: Safe SSH logins from public, untrusted Windows computers"
- Maybe reply: Chris Johnson: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Jason Stone: "Re: Safe SSH logins from public, untrusted Windows computers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 19 Mar 2002 14:45:38 -0500 From: Chris Johnson <cjohnson@palomine.net> To: security@freebsd.org
This isn't exactly FreeBSD-security-related, but it's certainly
security-related, and I think it's likely to be of interest to many of the list
members.
I spend a lot of time in hotels, and most of them have Internet centers with
Windows computers for the use of hotel guests. It's easy enough to download a
copy of PuTTY and hide it in the Windows directory so that I can make SSH
logins to my various remote servers.
I worry, however, about trojans and keyboard sniffers and what-have-you
monitoring my keystrokes, so I don't feel particularly safe doing this. So I
thought I might stick a DSA key, encrypted with a passphrase used only for that
particular key, on a floppy disk, and use that to log in. Without the floppy
disk, the passphrase, if sniffed or recorded, would be useless.
Question: if I plan on doing any work as root, would I be better off setting
PermitRootLogin to without-password and logging in directly as root, instead of
following the common practive of logging in as a regular user and then su-ing?
su-ing would require that I type the password, and that's what I'm trying to
avoid.
Does anyone have any comments, or does anyone have a better idea?
Thanks.
Chris Johnson
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Previous message: Geminai International Travels: "ข่าวดี วันสงกรานต์ [virus free]"
- Next in thread: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Alfred Perlstein: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Laurence Berland: "RE: Safe SSH logins from public, untrusted Windows computers"
- Reply: Mitch Collinsworth: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Richard Ward: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Brad Jones: "Re: Safe SSH logins from public, untrusted Windows computers"
- Maybe reply: Chris Johnson: "Re: Safe SSH logins from public, untrusted Windows computers"
- Reply: Jason Stone: "Re: Safe SSH logins from public, untrusted Windows computers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
