[beldridg at best.com: Re: [fw-wiz] SecureID vs Certificates]

Michael H. Warfield mhw at wittsend.com
Sat Feb 17 03:40:24 EST 2001 

Hmmm...

	You guys aware of this project to incorporate Smart Cards into
ssh-agent?  I remember hearing about some stuff for OpenSSL, but I don't
recall hearing about this on the OpenSSH list or on the Muscle list.
This would be a really nice thing...  :-)

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!


----- Forwarded message from beldridg at best.com -----

Delivered-To: firewall-wizards at fraggle.nfr.net
Delivered-To: firewall-wizards at nfr.net
Date: Thu, 15 Feb 2001 15:09:32 -0800 (PST)
From: <beldridg at best.com>
To: "Marcus J. Ranum" <mjr at nfr.com>
Cc: Darren Reed <darrenr at reed.wattle.id.au>,
        Crist Clark <crist.clark at globalstar.com>, <capegeo at opengroup.org>,
        <firewall-wizards at nfr.net>, <miedaner at twcny.rr.com>
Subject: Re: [fw-wiz] SecureID vs Certificates
In-Reply-To: <5.0.2.1.2.20010215153231.00a590c0 at fraggle.nfr.com>
Errors-To: firewall-wizards-admin at nfr.com
X-BeenThere: firewall-wizards at nfr.com
X-Mailman-Version: 2.0beta5
Precedence: bulk
List-Id: Firewall Wizards Security Mailing List <firewall-wizards.nfr.com>

On Thu, 15 Feb 2001, Marcus J. Ranum wrote:

> This is kind of what a smart card is all about. Do the signature on
> the card, so the secret never leaves it, etc. Amazingly cool
> technology but it's just never caught on particularly well here.

agreed.

i'm still watching what the umich folks are doing with ssh-agent and the
cryptoflex cards. i think it is the right approach. any updates guys?

http://www.citi.umich.edu/projects/smartcard/ssh-sc.html
http://www-personal.engin.umich.edu/~itoi/openssh/patch-openssh2.3.0-smartcard

they are also working on a crypto filesystem with the keys stored on a
smartcard.

- brett



_______________________________________________
firewall-wizards mailing list
firewall-wizards at nfr.com
http://www.nfr.com/mailman/listinfo/firewall-wizards

----- End forwarded message -----

More information about the openssh-unix-dev mailing list