[kwlug-disc] Tightening up SSH
Chris Irwin
chris at chrisirwin.ca
Mon Jul 19 23:33:56 EDT 2010
On Mon, 2010-07-19 at 22:55 -0400, unsolicited wrote:
> That implies one is only ever using their own equipment, to hand, to
> access their systems remotely. Part of the allure of remote access is
> remote access from anywhere, any time, from any equipment.
I'd just like to point out that if you are using a third-party end
points you are not secure. SSH can only prevent eavesdropping between
endpoints.
That said, has anybody tried the Yubikey? I've been reading about it a
bit. Apparently there is a PAM module. It would provide one-time
passcode functionality for use on non-trusted machines.
http://www.yubico.com/products/yubikey/
--
Chris Irwin <chris at chrisirwin.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20100719/ad146124/attachment.sig>
More information about the kwlug-disc
mailing list