Remote security practices

As a student I often find myself in need of accessing my home computer
(via remote SSH) from my school's (Windows) computers, and since I'm
pretty paranoid about my password security, I'll never use PuTTY from
within Windows as my school is full of script kiddies who no doubt have
keyloggers installed (which should probably be assumed for most public

So what measures have people taken to ensure their entire connection (not
just over the network) is completely secure? I've come across the two
obvious solutions...

a) Bootable live CD Linux distribution
   pros: leaves no trace, guarantees no soft spyware
   cons: pain to set up network every time when no dhcp servers exist (my
         case), could be physical keylogger or other hardware
         (firmware, possibly?) logging device installed between keyboard
         and computer (eg. )

b) Bring laptop
   pros: perfectly secure (as far as spyware is concerned - depends on
   cons: often not permitted to connect own computers to school network

Are there any solutions I have overlooked?

Joseph Battaglia


Re: Remote security practices

Hi Joseph!

Joseph Battaglia:

In an environment where you can boot from your own CD, you do not have
to be paranoid to not trust the OS installed on the hard disk.

That was just meant as a sympathetic remark, no advice from my side,


Carsten Schultz (2:38, 33:47), FB Mathematik, FU Berlin /
PGP/GPG key on the key servers,
fingerprint on my home page.

Re: Remote security practices

Joseph Battaglia wrote:

Hardware keyloggers.  Bring your own laptop.


Re: Remote security practices

Joseph Battaglia wrote:

bring a private key on removable media - raises the bar above a mere keylogger

one-time password (unsure how you'd do that in SSH) protects from hardware
keyloggers but still leaves you vulnerable to
     logging by client
     hijacking of the encrypted session
     perhaps inadequately encrypted channel (unsure of key setup details)
so you'd still not trust the PuTTY and libraries on the desktop.

Bootable CD + one-time passwords sounds to me like the minimum required.

Elvis Notargiacomo        

Re: Remote security practices

Secondary login: Do not use your login at home in public places. You can
give group read permissions to your files and sync your files at home when

Another way is the S/Key One-Time-Password. However, you need to know how to
implement it AND you need a handheld computer device that calculates the
hashes for you. You should not type the (non-one-time) password in an
untrusted computer.
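
The hash-chain idea behind the S/Key one-time passwords mentioned in this thread, as an added example that is not part of any post: the server keeps only the last accepted value, so a password captured by a keylogger fails when replayed. It is simplified (SHA-256 truncated to 64 bits rather than the exact S/Key hash and word encoding), and the names, seed and passphrase are constructed.

```python
import hashlib
import hmac

def step(value: bytes) -> bytes:
    """One link of the chain: hash, keep 64 bits (simplified, not real S/Key folding)."""
    return hashlib.sha256(value).digest()[:8]

def otp(passphrase: str, seed: str, count: int) -> bytes:
    """Password number `count`: `count` chain steps applied to hash(seed + passphrase)."""
    value = step((seed + passphrase).encode())
    for _ in range(count):
        value = step(value)
    return value

class Server:
    """Stores only the last accepted one-time password, never the passphrase."""

    def __init__(self, seed: str, count: int, last: bytes):
        self.seed, self.count, self.last = seed, count, last

    def challenge(self):
        # Sent in the clear: which password in the chain is expected next.
        return self.count - 1, self.seed

    def verify(self, candidate: bytes) -> bool:
        if self.count == 0:
            return False  # chain used up; re-initialise from a trusted machine
        if not hmac.compare_digest(step(candidate), self.last):
            return False
        # Accept, then move down the chain so this value can never be reused.
        self.last, self.count = candidate, self.count - 1
        return True

def demo():
    passphrase, seed = "constructed passphrase", "ke1234"  # constructed sample values
    # Enrolment happens at home, on a trusted machine.
    server = Server(seed, 100, otp(passphrase, seed, 100))
    n, s = server.challenge()
    response = otp(passphrase, s, n)      # computed on the handheld device
    first = server.verify(response)       # typed on the untrusted keyboard
    replay = server.verify(response)      # keylogger replays what it captured
    n2, s2 = server.challenge()
    second = server.verify(otp(passphrase, s2, n2))
    return first, replay, second, n, n2

if __name__ == "__main__":
    print(demo())
```

A logged response only reveals a value further up the chain; producing the next one would require inverting the hash. It does nothing against the client logging or session hijacking listed in the earlier reply.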
