two factor authentication
Daniel Kahn Gillmor
dkg-openssh.com at fifthhorseman.net
Wed Jul 26 09:43:27 EST 2006
On July 25, deengert at anl.gov said:
> So if you want to call it the computer in your pocket, it should
> have some output indicator to at least tell the user it is being
> used. A reader with these capabilities could also help.
i use a Cryptoflex eGate with their USB tokens with openssh [0] via
opensc (i didn't think opensc was all that bad, incidentally). The
USB token has an LED that flashes when it is computing and (i assume)
stays off when it is not in use. So some output indicators do exist.
However, i share your general ambivalence about smartcards, and only
use the smartcard/USB token on a trusted machine anyway. A
compromised ssh client on an untrustworthy machine can simply
piggyback on a "properly" authenticated connection (yes, including one
that uses smartcards), and set up backdoors or trash filesystems or
other nasty things.
I also share Jefferson Ogata's concerns about the closed nature of the
hardware, though i note that some smartcards are being developed with
what appears to be an open process [1].
Smartcards are definitely not a panacea.
--dkg
[0] http://lair.fifthhorseman.net/~dkg/egate/
[1] http://www.g10code.com/p-card.html