Comment an ssh session management alternative (Score 1) 109
I have recently purchased a memory key device (8M USB thingy-do which mounts as a scsi drive under Linux) and thought it would be neat to have some sort of system where by I could not get access to my box unless the key was there. So I dug around and found a pam module for BSD (if you have ssh under BSD you should have it) which uses ssh as the authentication method.
Additionally, there is session mamgement. So, a login to any entrance (vt, xdm, etc.) transparently spawns ssh-agent if necessary and adds keys. (My friend and I have been fooling around with making it work under Linux and it almost works perfectly).
Now I have a cute little paranoid system whereby login, gdm, xscreensaver, etc. are forced to auth through my 1024 bit password protected DSA key which lives only on my usb keychian. (pop out the key and xscreensaver locks immediately too).
Additionally, there is session mamgement. So, a login to any entrance (vt, xdm, etc.) transparently spawns ssh-agent if necessary and adds keys. (My friend and I have been fooling around with making it work under Linux and it almost works perfectly).
Now I have a cute little paranoid system whereby login, gdm, xscreensaver, etc. are forced to auth through my 1024 bit password protected DSA key which lives only on my usb keychian. (pop out the key and xscreensaver locks immediately too).
