[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] ssh-keygen question

From: Ian Haywood
Subject: Re: [Gnumed-devel] ssh-keygen question
Date: Sun, 27 Feb 2005 20:57:44 +1100
User-agent: Mozilla Thunderbird 0.8 (X11/20041012)

Sebastian Hilbert wrote:
A little off topic but still worth mentioning. I bought my self a fingerprint/biometric protected usb stick and keep my private keys
Cool, where from?
ssh/gpg/certificates on this device. Just place a symlink into your homedir. I even use it to login on my linux box. No more password typing. This little stick is actually quite safe. All encryption/decryption within the device.
Not sure about this.
Unless it's got a little CPU on there doing the actual crypto,
[in which case, you might as well buy a Zaurus], you are still
doing this on the host PC. This means, if the host PC is infected,
you are hosed, as it can grab your private keys as they are loaded into RAM.
(but this is academic, as the attacker can read all you wonderful secret 
medical data by
grabbing regular screendumps, too)
software on host PCs needed. Works for Linux and Windows. Simply great. I never go anywhere without it. There is one problem. It's not cheap. Around 250Euro for 256 MB. You gotta know what you are willing to pay for security.
~= $A600 Hmm, not cool.
For the distant future I plan to use this for GNUmed logon.
Excellent idea.
Tunnelling the postgres connection over SSH would be good too (which solves 2 
at once)


Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]