Jonathan Underwood wrote: > You were arguing for the login password/phrase matching the ssh > password/phrase - that seems like a bad idea and really unecessary. It's necessary for using pam_ssh at the moment. It is also needed for pam_keyring. I'm not arguing that this is the best way. I was only passing on this info that may help the Jesse's friend find a workable solution with the current tools. >> There is always a tradeoff between security and convenience. Are >> you suggesting that there not be a way for users to enable their >> login to unlock their various keyrings? > > Nope. But that in no way requires login password/phrase == ssh key > password/phrase. At present for pam_ssh it does. I'm not sure how much of a risk this really is. Say that gnome-keyring gets support for unlocking ssh keys. Then I could have my ssh passphrase stored in gnome-keyring, which would be using the same passphrase as my login. My ssh passphrase is now only as secure as gnome-keying is. How secure is gnome-keying? I'm not suggesting that gnome-keying is inherently insecure, as I've not looked at it (nor am I really qualified to assess it properly). But I'm not sure that having gnome-keyring -- using the same passphrase as my login -- protecting my ssh passphrase is that much different than using the same passphrase as login for the ssh key. Am I missing something really obvious? For those that want much stronger security, not using any sort of automated passphrase store and using different passphrases for login, ssh keys, etc. is the only way to go. That's not the target audience for the features an automated pam_keyring would provide, as far as I can tell. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The average woman would rather be beautiful than smart because the average man can see better than he can think.
Description: PGP signature