
Re: Identity (SSH Key) Management in Linux

> If you really wanna put the keys in a central
> repository, I like Jeff's suggestion of using an LDAP DB (or some other
> easily replicable DB system, like MySQL) with a live replica and a
> periodic removable archive.

Does that work for storing SSH pub/prv keys, PGP keys, and/or passwords?

> I don't like the idea of storing all keys in any single place at all,
> personally, that just seems to be screaming out for abuse.

But it sure is convenient, though. :=)

BTW, I'm talking about a user's keys - SSH, PGP, etc.

I was thinking of making .ssh in each of the distros a symlink to a USB keychain 
drive, but I think sshd doesn't like ~/.ssh being anything other than a real 

Then there's a shared /home filesystem idea with the ~/.ssh directories being 
hard links with the others to a single location. But each user would still 
have to have a different home directory for each distro. Different
.kde, .mozilla directories, etc. as different versions and features are
specific to each distro.

Someone I ran across suggested 3x5 index cards - two cards for each 
"host/distro" and account - one for offsite. Label with the host and account
name, and write down the date and the password assigned. Keep 'em in a
recipe box. Pretty simple, easy to understand process and practice.

For printable keys (like SSH or x509 certs), the private key could be 
printed on the index card on one side and the fingerprint and passphrases
on the other. And another index card with the public part on one side and 
the matching private part on the other to tie the two cards together.

My primary reasoning behind my musings on this topic is to answer the following:

How would any of you have prepared your spouses/successors to deal with your
online accounts - ISP, mailing lists, hosts, email, etc. in the event of your
sudden and untimely demise? Could your spouse, for example, close out
your PayPal account? Brokerage accounts? Close out/transfer your 
PAUSE / Sourceforge / Savannah / Debian / Apache / etc. developer accounts? 
Customer hosting accounts that you admin? Your domain accounts with OpenSRS? 
(Changing Verisign domains by someone other than you is a no-brainer <g>.) 
Could your successor access your "central store" to impersonate you long 
enough to tidy things up?

That's more the kind of purpose my "central store" is intended for:
disaster recovery, not paranoia.

Just more musings...

Just because you're paranoid, doesn't mean that they aren't out to get
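
The symlink-to-a-USB-drive idea in the message above runs into sshd's StrictModes check rather than a rule against symlinks as such: with the default "StrictModes yes", sshd stat()s the resolved home directory, ~/.ssh and ~/.ssh/authorized_keys and refuses them if any is not owned by the user (or root) or is group- or world-writable, which is exactly what a vfat stick mounted with default options looks like. The script below is an added example, not code from the original post or from OpenSSH; it reproduces that check in POSIX sh (assuming a GNU or BSD `stat`) against a constructed throwaway home directory so you can test a USB-backed or shared ~/.ssh before relying on it.

```shell
#!/bin/sh
# Added example, not from the original post: reproduce the ownership and
# permission checks sshd applies under "StrictModes yes" (its default) to a
# user's home, ~/.ssh and ~/.ssh/authorized_keys.  Assumes a POSIX sh with a
# GNU or BSD `stat`; the "alice" home and "usb" mount below are constructed.

# Print "<octal mode> <owner uid>" for PATH, following symlinks the way sshd
# does (it examines the resolved location, not the link itself).
mode_and_uid() {
    stat -L -c '%a %u' "$1" 2>/dev/null || stat -L -f '%Lp %u' "$1" 2>/dev/null
}

# check_path PATH UID: succeed only if PATH exists, is owned by UID or root,
# and is neither group- nor world-writable (the StrictModes rule).
check_path() {
    info=$(mode_and_uid "$1") || return 1
    mode=${info% *}
    owner=${info#* }
    [ "$owner" = "$2" ] || [ "$owner" = 0 ] || return 1
    # 18 decimal == 022 octal: the group-write and other-write bits
    [ $(( $(printf '%d' "0$mode") & 18 )) -eq 0 ]
}

# check_ssh_dir HOME UID: walk the chain sshd walks for authorized_keys.
# Returns 0 if every component would pass, 1 (naming the culprit) otherwise.
check_ssh_dir() {
    home=$1; uid=$2
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if ! check_path "$p" "$uid"; then
            echo "would be rejected by StrictModes: $p" >&2
            return 1
        fi
    done
    return 0
}

# Demo on a constructed home directory; no real accounts are touched.
demo() {
    me=$(id -u)
    tmp=$(mktemp -d) || return 1
    home=$tmp/alice
    mkdir -p "$home/.ssh"
    : > "$home/.ssh/authorized_keys"
    chmod 755 "$home"; chmod 700 "$home/.ssh"; chmod 600 "$home/.ssh/authorized_keys"
    check_ssh_dir "$home" "$me" && echo "real ~/.ssh with tight modes: OK"

    # Model the symlink-to-USB-stick idea: a vfat mount typically presents
    # every file as mode 777, and that target is what sshd looks at.
    mkdir -p "$tmp/usb/ssh"
    : > "$tmp/usb/ssh/authorized_keys"
    chmod 777 "$tmp/usb/ssh" "$tmp/usb/ssh/authorized_keys"
    rm -r "$home/.ssh"
    ln -s "$tmp/usb/ssh" "$home/.ssh"
    check_ssh_dir "$home" "$me" || echo "symlinked ~/.ssh on loose-mode media: rejected"

    # The symlink itself is fine once the target carries sane modes (on a real
    # stick: mount it with uid=/umask= options, or use a filesystem that
    # stores ownership and permissions).
    chmod 700 "$tmp/usb/ssh"; chmod 600 "$tmp/usb/ssh/authorized_keys"
    check_ssh_dir "$home" "$me" && echo "same symlink, target modes fixed: OK"
    rm -rf "$tmp"
}

demo
```

Run it as an ordinary user; the three lines it prints correspond to the three situations above. Pointing `AuthorizedKeysFile` in sshd_config at a location outside ~/.ssh does not avoid the check, since sshd applies the same ownership and mode rules to whatever file it is told to read unless StrictModes is switched off, which is the wrong fix.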

