Remote signing
Samuel ]slund
samuel at Update.UU.SE
Tue Apr 20 10:41:11 CEST 2004
On Tue, Apr 20, 2004 at 08:55:10AM +0100, Stuart A Yeates wrote:
> Dave Symonds wrote:
> >I have a slightly unusual setup that I would like to use GnuPG in, and
> >wanted
> >to ask for some guidance. At my Uni we have a Sun machine that runs all the
> >mail stuff, and where I mostly prefer to do all my mail reading/composing
> >from.
> >However, I don't want to entrust my GPG private key(s) to that system, and
> >would prefer to keep them on my laptop (or a USB key). What my ideal setup
> >would be is for my mailer (mutt) running on the mail server to call out to
> >a little script that would connect securely (via ssh) to my laptop, on
> >which
> >would pop up a window showing the message and prompting for the passphrase
> >to
> >sign that message (encryption isn't so important at the moment). The signed
> >message would be sent back, and then emailed out.
>
> If the Sun is hacked, an attacker can (potentially) see every password
> you type.
I do not see this, could you elaborate?
Any password/secret for the ssh connection is of course lost but how
would a localy running script that only have two text streams as
connection to the compromised machine be threatened?
Assuming the signing is done localy and the recieving ssh session only
takes the message and no commands as input from the mail server.
I would worry a little about the possibility of missing a change in the
text shown before signing. Since you wrote the text you "know" what is
writen in it and might not read it carfully enough to catch a change.
If the mail server is compromised such a change is possible.
//Samuel
More information about the Gnupg-users
mailing list