[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smartcard configuration in openbsd
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: smartcard configuration in openbsd
- From: jolan <jolan_(_at_)_cryptonomicon_(_dot_)_org>
- Date: Tue, 26 Nov 2002 10:59:16 -0500
On Tue, Nov 26, 2002 at 08:22:22AM -0700, Ben Goren wrote:
> hold a few thousand private keys on a floppy. If you're worried
> about systems that don't have a floppy, add one of those
Depending on unreliable media for your authentication data is
> credit-card-sized mini-CDs and a USB ``pen'' drive to your wallet,
> and just keep duplicate copies of the information on all three.
> You'll be able to access the information on anything but a kiosk.
Last I checked (Sunday), those USB drives don't work under OpenBSD.
> Finallly, if all you're worried about is somebody installing a
> keyboard sniffer and getting your password, none of the above will
> do you a darn bit of good. The attacker will copy the key off the
In addition to carrying around your floppy disk/USB drive/mini-CD,
you could also carry around your own foldable keyboard too.
> removeable media and sniff the passphrase for it at the same time.
> Instead, what you need are one-time passwords. See skey (1).
Uh huh. Or see http://www.rsasecurity.com/products/securid/ for a real