Re[2]: [SAGE] The danger of SSH keys..

["Dustin Puryear" <dustin@puryear-it.com>]

What an excellent find!

That webpage basically boils down this discussion to a few bullet
points.

---
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com

Author:
  "Best Practices for Managing Linux and UNIX Servers"
  "Spam Fighting and Email Security in the 21st Century"

Download your free copies:
  http://www.puryear-it.com/publications.htm


Monday, January 22, 2007, 2:56:39 PM, you wrote:

> On Mon, Jan 22, 2007 at 01:01:29PM -0600, Dustin Puryear wrote:
>> 
>> With keys, I want the ability to:
>> 
>> 3. Require private keys to have strong passwords (no realistic way to
>> enforce this).
>> 
>> With this, I think the strength in using SSH keys could be
>> dramatically increased.

> Here is some research work that was done at NCSA to manage SSH public keys.
> It takes the management out of the users control, and you can enforce
> whatever type of pssphrase policy you want at the server:

>     http://security.ncsa.uiuc.edu/research/ssh-remote-agent/


> - Jim