[FoRK] Not the linux-mini yet,

Lucas Gonze lgonze
Thu Aug 18 22:09:57 PDT 2005



On Fri, 19 Aug 2005, Udhay Shankar N wrote:

> Lucas Gonze wrote [ at 10:08 AM 8/19/2005 ]:
>
>> Wonderful!
>> 
>> Question: how to use this as a secure base for logging in from a cybercafe, 
>> given that all traffic can be observed by the compromised machine?  I'm 
>> sure it's doable.
>
> Tunnel everything via ssh. For extra paranoia points, proxy dns also via the 
> encrypted link.

You can't trust the keyboard, though.  Any secrets have to originate on 
the mini and be encrypted as they pass through the untrusted cybercafe 
machine.

For starters there's a big freebie to bootstrap the system: ssh 
passwordless login.  However that won't help you with any web site you 
have to log in to, most importantly webmail.

Plus, you need the ability to have the mini proxy bytes to the internet 
via the untrusted machine.






More information about the FoRK mailing list