Brian Fahrlander wrote:
Keyfobs. These little USB droplets of cyberspace. How about we, as one of the largest collections of Linux people out there, standardize some software to fit into PAM to do this:
1. Upon insertion, ask for the passphrase à la local-agent.
2. When validated, use these credentials for everything.
So you'd have some kind of identification on the USB memory, and if the passphrase you type matches that identification, you're logged in. And you'd use this on all the computers you use?
What if you don't fully trust one of these computers? Maybe you're a user on a big campus, and you don't know who the administrators are. You don't even know how many people have root access. If just one of them isn't completely honest, they could install a piece of software that copies your ID from the keyfob and sniffs your passphrase as you type it. Then they can pose as you everywhere.
Or maybe the administrators at work don't trust the security of your home computer. Maybe they're worried that someone might break into your home computer and thereby gain access to the corporate network.
What do you do to solve these problems? You start using a different ID at every site. And then you're back to the same situation, with more and more passwords to remember. See, your scheme isn't really any different from just using the same password everywhere.
What we need is a way to identify yourself to a computer without at the same time giving the computer the ability to pose as you. This requires a "personal identity gadget" with its own processor and a way to interact directly with you.
Björn Persson
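To make the contrast concrete, here is an added example in Python (mine, not code from this thread or from any project named in it). It models the proposed keyfob, where the host reads the ID and the typed passphrase, beside a "personal identity gadget" that answers a per-site challenge and never releases its secret. The site names, user name and passphrase are constructed; the gadget uses HMAC with a per-site derived key so the example needs only the standard library, whereas a real device would sign with a private key so that not even the site holds anything able to impersonate you.

```python
import hashlib
import hmac
import secrets

CAMPUS, WORK = b"campus.example", b"work.example"  # constructed site names

# ---- Scheme 1: the proposed keyfob (stored ID, typed passphrase) ----
class PasswordSite:
    def __init__(self):
        self.users = {}  # user_id -> sha256(passphrase)
    def enroll(self, user_id, passphrase):
        self.users[user_id] = hashlib.sha256(passphrase).digest()
    def login(self, user_id, passphrase):
        expected = self.users.get(user_id)
        return expected is not None and hmac.compare_digest(
            expected, hashlib.sha256(passphrase).digest())

class SniffingHost:
    """Dishonest root: the PAM module logs the ID from the fob and the typed passphrase."""
    def __init__(self):
        self.captured = []
    def login(self, site, user_id, passphrase):
        self.captured.append((user_id, passphrase))
        return site.login(user_id, passphrase)

def run_keyfob_scheme():
    campus, work = PasswordSite(), PasswordSite()
    user_id, passphrase = b"bjorn", b"correct horse battery staple"  # constructed
    campus.enroll(user_id, passphrase)
    work.enroll(user_id, passphrase)  # one credential everywhere, as proposed
    host = SniffingHost()
    legit_ok = host.login(campus, user_id, passphrase)
    # The rogue admin reuses what the host captured against the other site.
    stolen_id, stolen_pw = host.captured[0]
    attacker_ok = work.login(stolen_id, stolen_pw)
    return legit_ok, attacker_ok

# ---- Scheme 2: a gadget with its own processor and its own button ----
class IdentityGadget:
    """The master secret never leaves the device; each answer needs a button press."""
    def __init__(self):
        self._master = secrets.token_bytes(32)
    def _site_key(self, site):
        return hmac.new(self._master, site, hashlib.sha256).digest()
    def enroll(self, site):
        return self._site_key(site)  # assumed to reach the site off the untrusted host
    def respond(self, site, nonce, button_pressed):
        if not button_pressed:
            raise PermissionError("no physical confirmation")
        return hmac.new(self._site_key(site), site + nonce, hashlib.sha256).digest()

class ChallengeSite:
    def __init__(self, name):
        self.name = name
        self.keys = {}     # user_id -> per-site key
        self.pending = {}  # user_id -> outstanding nonce
    def enroll(self, user_id, site_key):
        self.keys[user_id] = site_key
    def challenge(self, user_id):
        self.pending[user_id] = secrets.token_bytes(16)
        return self.pending[user_id]
    def verify(self, user_id, response):
        nonce = self.pending.pop(user_id, None)  # each nonce is single use
        if nonce is None or user_id not in self.keys:
            return False
        expected = hmac.new(self.keys[user_id], self.name + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

class RelayingHost:
    """The same dishonest host, now reduced to a relay: it sees only nonce and response."""
    def __init__(self):
        self.captured = []
    def login(self, site, user_id, gadget):
        nonce = site.challenge(user_id)
        response = gadget.respond(site.name, nonce, button_pressed=True)
        self.captured.append((user_id, nonce, response))
        return site.verify(user_id, response)

def run_gadget_scheme():
    campus, work = ChallengeSite(CAMPUS), ChallengeSite(WORK)
    gadget, user_id = IdentityGadget(), b"bjorn"
    campus.enroll(user_id, gadget.enroll(CAMPUS))
    work.enroll(user_id, gadget.enroll(WORK))
    host = RelayingHost()
    legit_ok = host.login(campus, user_id, gadget)
    uid, _nonce, response = host.captured[0]
    work.challenge(uid)                        # fresh nonce, other site
    cross_site_ok = work.verify(uid, response)
    campus.challenge(uid)                      # fresh nonce, same site
    replay_ok = campus.verify(uid, response)
    try:                                       # host asks without a button press
        gadget.respond(WORK, work.challenge(uid), button_pressed=False)
        silent_ok = True
    except PermissionError:
        silent_ok = False
    return legit_ok, cross_site_ok, replay_ok, silent_ok
```

`run_keyfob_scheme()` returns `(True, True)`: the login works and so does the rogue admin's reuse of the captured ID and passphrase at the other site. `run_gadget_scheme()` returns `(True, False, False, False)`: the login works, but the captured response is useless at another site, useless as a replay against the same site once its nonce is consumed, and the gadget refuses a request the host makes without the user pressing the button. What the gadget scheme does not prevent is the host misusing the session it just obtained; it only stops the host from becoming you elsewhere.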