Jake Anderson wrote:
> If he uses password authentication then your hosed.
> If you use certificate auth then its ok, of course the certificate is 
> more than likley on the laptop.
> The only way around it is some kind of jumping screen keyboard that you 
> enter your password on with a mouse.
> Of course if they record the screen your still hosed.
> 
> Pretty much the same with all encryption techniques. They only prevent 
> somebody between the two end points gaining access. If an end point is 
> compromised then all bets are off.
> 
> 
> I spose the only way around it would be a challenge response type 
> password question.
> you memorise some formula (or use a physical doohickey), the remote end 
> gives you the challenge in the form of a number (or two). You perform 
> some maths on that number and you reply with the answer.
> 
> Same way passwords are authenticated now without sending the password 
> over the network, you just take the hashing functions from the computer 
> and perform them in your head or on some "trusted" device.

Thanks Jake.  That was what I assumed but I always get in trouble when I 
assume.
-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist