On Fri, May 6, 2011 at 12:02, Tom Furie <[email protected]> wrote: > No, the attacker needs to HAVE your private key and KNOW the pass phrase > for that key. Assuming you keep your key secure and have a decent pass > phrase his life should be very difficult indeed. >
Yes, but using that key on a computer that he does not trust is NOT "keeping the key secure". To answer the OP, there is no straightforward way to connect to your machine from a computer that you don't trust and still be safe. You can try port-knocking which will slow down an attacker until he figures out that is what you are doing from the compromised machine. You might also have better luck with one-time passwords or one-time keys. Or, if it is possible, set up a web interface to whatever you want to control on your home computer and do it in a browser. That will limit the expose of the machine to whatever services you are controlling from the browser. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
