Jon Stewart on Thu, 5 Aug 2004 13:29:43 -0500 (CDT)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [hosers-talk] opie

> > A dummy account is used so that trusted hosts can log into the real 
> > account directly, avoiding the OTP rigamarole.
> > 
> > Clumsy, but I think it should work.
> Two problems:
> 1. Some of the machines from which I log in do not have user-accessible
> USB ports, so carrying around a pen drive with my private key wouldn't
> help me.

That sux0rz. When I use another machine, it is almost always Windows with 
plentiful USB ports.

> 2. I'm not quite sure that I understand the utility of the dummy account.
> What exactly do you gain with it over having one account using OTP and
> logging in directly to that one? You're still safe from keyloggers. Is it
> just that if your one-time pad generating scheme turns out to have a flaw,
> then the best that a determined hacker can do is log in to your dummy
> account?

So I can log into the real account directly from trusted machines, 
avoiding the hassle of OTPs, i.e. I can log into martial (linux) from ovid 
(iMac) directly.

Jon Stewart                                 Advanced Los Angeles C++
hosers-talk mailing list