[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Identity (SSH Key) Management in Linux

mike808@users.sourceforge.net wrote:
>>If you really wanna put the keys in a central
>>repository, I like Jeff's suggestion of using an LDAP DB (or some other
>>easily replicable DB system, like MySQL) with a live replica and a
>>periodic removable archive.
> Does that work for storing SSH pub/prv keys, PGP keys, and/or passwords?

Yes, you can store arbitrary binary and/or textual data in either of 
those DBs.  No, there's no existing code to automatically pull the keys 
out of either.  So, it's no less convenient than the notecard idea, 
though it works better for backing up non-textual keys.  So would just 
having a backup, though... :)  It's conceivable that someone would write 
in support for a remotely stored key, though that'd probably hurt security.

> My primary reasoning behind my musings on this topic is to answer the following:
> How would any of you have prepared your spouses/successors to deal with your
> online accounts - ISP, mailing lists, hosts, email, etc. in the event of your
> sudden and untimely demise? Could your spouse, for example, close out
> your PayPal account? Brokerage accounts? Close out/transfer your 
> PAUSE / Sourceforge / Savannah / Debian / Apache / etc. developer accounts? 
> Customer hosting accounts that you admin? Your domain accounts with OpenSRS? 
> (Changing Verisign domains by someone other than you is a no-brainer <g>.) 
> Could your successor access your "central store" to impersonate you long 
> enough to tidy things up?
> That's more the kinds of purposes of my "central store" that I'm thinking of - 
> disaster recovery, not paranoia.

My wife knows people who can boot my home machine from a rescue disk, 
giving them root access, and who can then access my files and reset my 
password.  She can then access my email which will allow her to reset 
any accounts that she doesn't already have access to.  That takes care 
of most of the "at home" stuff.

At work, the same deal applies.  If things were better documented, then 
any boob with a rescue disk can modify /etc/shadow and get access to 
most of the stuff here - as root from a rescue disk.  Yeah, things could 
be made more scure, but then it'd be a bigger pain if I leave/die/etc. 
This way is an acceptable balance.


To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.