Subject: Re: ssh - are you nuts?!?
To: None <>
From: None <>
List: tech-security
Date: 12/20/2000 04:58:11
On 17 Dec, Chris Jones wrote:
> writes:
>> Are there any more features that might make SSH valuable?
> Password-less login.  I can type my passphrase once, and for the
> remainder of the life of the login session or shell, I can ssh "for
> free" into certain machines.
> This is also dangerous, of course; it's easy for me to forget and
> leave my terminal, which theoretically makes a whole batch of
> computers vulnerable, not just one.  To help address this, I've been
> thinking for some time about adding a locking IOCTL that prevents
> virtual console switching -- that way, I can just run xlock or lock,
> and I can feel pretty safe leaving my terminal.  As always, of course,
> I haven't had time to do any coding on this.
Your point on vulnerability seems to indicate that a feature then
requires a fix. Which might require a feature, that in turn would
require a fix..... seems messy to me. Do you agree?