On 3/27/06, David Barrett <dbarrett@quinthar.com> wrote:

... What are your thoughts on using PKI?

fine as long as trust and identity are properly implemented. physically hardened tokens are very good (ex: the rsa challenge / pin based token authenticator via radius) SPEKE and variants are also highly recommended in my book if you can use them in a secure context (that is, no rootkits and equivalents to capture passwords/phrases - a situation where single use passwords / bingo auth are helpful if secure hardware tokens are not feasible)

For example, create private keys (with no passwords) and put them in an encrypted volume. Then use one strong password to unlock your encrypted volume (and thus, unlock your private keys), and then SSH to everywhere else securely.

this works very well, and if you have hardware accelerated encryption it can be transparent. you can also pre distribute keys (public and secret) to the encrypted volumes you mount and run within (via a secure bootstrap of course...) [ see http://www.via.com.tw/en/initiatives/padlock/hardware.jsp ] i think this is a rich field of discovery when considering the user interface and authentication / session aspects of a secure system. best regards,