Making password driven SSH 'immune' to MTM attacks.

Jim Knoble jmknoble at pobox.com
Sat Feb 26 09:07:08 EST 2000


På 2000-Feb-25 klokka 15:53:07 -0500 skrivet Gregory Maxwell:

: Since I'm not two good at accuratly rembering numbers 1024+ bits in
: size, and there is no widespread, standardized, and cheap 'smart card'
: system.

<SARCASM type="shameless" height=50%> 1.44 MB floppies have been around
for quite some time. </SARCASM>

: I can rember several passwords, and carry them around in my mind. I
: can't mentally carry even a single RSA key pair.

That's actually part of the benefit of public/private keypairs
protected by passphrases: while passwords are merely something you
know, and ``smart'' cards (or Java jewelry, or fingerprints) are
something you have, a protected private key is both something you have
(the key) *and* something you know (the passphrase).

-- 
jim knoble
jmknoble at pobox.com





More information about the openssh-unix-dev mailing list