[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] The danger of SSH keys..

To: Dustin Puryear <dustin@puryear-it.com>
Subject: Re: [SAGE] The danger of SSH keys..
From: "James J. Barlow" <jbarlow@ncsa.uiuc.edu>
Date: Mon, 22 Jan 2007 14:56:39 -0600
Cc: SAGE Members Mailing List <sage-members@usenix.org>
In-Reply-To: <1096018946.20070122130129@puryear-it.com>
Sender: owner-sage-members@usenix.org
User-Agent: Mutt/1.4.1i

On Mon, Jan 22, 2007 at 01:01:29PM -0600, Dustin Puryear wrote:
> 
> With keys, I want the ability to:
> 
> 3. Require private keys to have strong passwords (no realistic way to
> enforce this).
> 
> With this, I think the strength in using SSH keys could be
> dramatically increased.

Here is some research work that was done at NCSA to manage SSH public keys.
It takes the management out of the users control, and you can enforce
whatever type of pssphrase policy you want at the server:

    http://security.ncsa.uiuc.edu/research/ssh-remote-agent/

- Jim

Follow-Ups:
- Re[2]: [SAGE] The danger of SSH keys..
  - From: "Dustin Puryear" <dustin@puryear-it.com>

References:
- Re[2]: [SAGE] The danger of SSH keys..
  - From: "Dustin Puryear" <dustin@puryear-it.com>

Prev by Date: [SAGE] Speakers?
Next by Date: Re: [SAGE] Speakers?
Prev by thread: Re: [SAGE] The danger of SSH keys..
Next by thread: Re[2]: [SAGE] The danger of SSH keys..
Index(es):
- Date
- Thread