[tech] GPG

Grahame Bowland grahame at ucs.uwa.edu.au
Thu Aug 2 14:59:35 WST 2001


On 02 Aug 2001 14:04:12 +0800, David Basden wrote:
> On Mon, Jul 09, 2001 at 08:25:45PM +0800, Grahame Bowland wrote:
> > On Mon, Jul 09, 2001 at 06:47:11PM +0800, Anil Sharma wrote:
> > > is there any way of using GPG at ucc without having to trust wheel members
> > > not stealing my private key?
> > 
> > No - if you use a passphrase we'll just take it off you!
> > 
> > You can't use GPG usefully on untrusted machines :]
> 
> Just to be a pedantic bastard, you can't really use GPG or SSH on
> untrusted machines; it's quite possible that the binary has been
> compromised to (say) log passphrases with a couple of lines of code.

That's exactly my point. What I do is to not trust UCC at all, and just
give it my public SSH key. When I ssh in to UCC there's just some
exchange of information to confirm that I really do have the private key
to match that public key - the passphrase isn't sent to UCC at all.

--
Grahame Bowland, Network and Systems Administrator
University Communications Services, The University of Western Australia
Phone: +61 8 9380 1175
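
The exchange described in the message above, as an added example that is not part of the original post: a simplified model of public-key challenge-response (not the SSH wire protocol) in which the server holds only the public key and the passphrase is used only on the client to unlock the private key. The toy RSA parameters and the names `Client`, `Server` and `login` are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook RSA built from two known Mersenne primes. Illustration only:
# far too small and unpadded to be secure. All names here are hypothetical.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, never leaves the client

def _keystream(passphrase, salt):
    # The passphrase only derives a local key that unlocks the stored private key.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 10_000, 32)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class Client:
    """The machine you trust: stores the private key encrypted at rest."""
    def __init__(self, passphrase):
        self.salt = secrets.token_bytes(16)
        self.locked = _xor(D.to_bytes(32, "big"), _keystream(passphrase, self.salt))

    def sign(self, passphrase, challenge):
        d = int.from_bytes(_xor(self.locked, _keystream(passphrase, self.salt)), "big")
        return pow(_digest(challenge), d, N)

class Server:
    """The remote host: knows only the public key (N, E)."""
    def __init__(self, public_key):
        self.n, self.e = public_key

    def challenge(self):
        self.nonce = secrets.token_bytes(32)
        return self.nonce

    def verify(self, signature):
        return pow(signature, self.e, self.n) == _digest(self.nonce)

def login(client, server, passphrase):
    """Run one exchange; return (accepted, list of byte strings sent on the wire)."""
    nonce = server.challenge()
    signature = client.sign(passphrase, nonce)
    wire = [nonce, signature.to_bytes(32, "big")]
    return server.verify(signature), wire
```

Only the nonce and the signature cross the wire; a wrong passphrase unlocks a garbage key on the client and the server rejects the resulting signature.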
