two factor authentication
William Ahern
william at 25thandClement.com
Wed Jul 26 15:55:02 EST 2006
On Wed, Jul 26, 2006 at 08:27:45AM +0300, Alon Bar-Lev wrote:
> Daniel Kahn Gillmor wrote:
> >I also share Jefferson Ogata's concerns about the closed nature of the
> >hardware, though i note that some smartcards are being developed with
> >what appears to be an open process [1].
> >
> >Smartcards are definitely not a panacea.
>
> Right.
> It is better putting your private key on a file and use password to
> access the server...
>
He didn't say that. What he said was in the same vein as "ice is cold". ;)
I think we all understand that smart cards do not present a panacea in the
realm of authentiation.
But I argue that they do provide a critical, heretofore absent link in
end-to-end security across the network. And significantly a link whose
properties allow it to become a dependable component in a coherent,
parameterizable security system. To say any password-based system--employed
within a network--is comparable sounds like, pardon me, a joke.
Anyhoo, this is dragging on....
More information about the openssh-unix-dev
mailing list