Biometry in general may be acceptable, but fingerprints should be considered
weak protection, because you share that key with your environment all day, every
day. Getting someone's fingerprint is *really* easy. If your phone gets stolen,
chances are, the fingerprint needed to unlock it is right on there already.
And faking fingerprints is really easy, too.
https://www.theguardian.com/technology/2013/sep/22/apple-iphone-fingerprint…
On 30.09.2017 at 20:21, Bryan Davis wrote:
On Sat, Sep 30, 2017 at 9:28 AM, Roy Smith <roy(a)panix.com> wrote:

What’s the current best practice for auth on ToolForge?

I have a passphrase on my public ssh key. I’ll be accessing toolforge from my MacBook which is protected with Apple’s Touch ID fingerprint scanner. I’ll be nailing up a tmux session.

So, most of the time, there will be an active ssh session into wmflabs protected only by my fingerprint touch. If the ssh session goes down (i.e. reboot or network change), it’ll be a touch plus my ssh passphrase.

Is this considered an appropriate level of protection for this environment?
Having a strong passphrase on your private ssh key is recommended.
Using an ssh-agent to hold your ssh key when decrypted is reasonable.
Keeping an ssh session open via screen or tmux is acceptable. I would
expect these three things to be in common use by a number of Toolforge
/ Cloud VPS users and administrators.
The only thing that is semi-unique about the setup you describe is the
use of biometric auth for unlocking your laptop. I don't see that that
makes your key handling practices inherently weaker (or stronger) than
having a passphrase for unlocking.
Bryan
--
Daniel Kinzler
Principal Platform Engineer
Wikimedia Deutschland
Gesellschaft zur Förderung Freien Wissens e.V.
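Bryan's first recommendation above (a strong passphrase on the private ssh key) is easy to audit without ever decrypting the key: the file itself records whether it is encrypted. The following is an added example, not part of this thread or of any Toolforge tooling; it reads the cipher name from the openssh-key-v1 container (or the Proc-Type/DEK-Info headers of a legacy PEM key) and the sample key files it checks are constructed stubs with no real key material.

```python
import base64
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"


def _read_string(buf, offset):
    """Read one uint32-length-prefixed string from buf, return (value, next_offset)."""
    (length,) = struct.unpack(">I", buf[offset:offset + 4])
    start = offset + 4
    return buf[start:start + length], start + length


def key_protection(key_text):
    """Return (container, cipher) for an ASCII-armored private key.

    container is 'openssh' or 'pem'; cipher is 'none' when the key is stored
    unencrypted, i.e. it has no passphrase and anyone holding the file can use it.
    """
    lines = [l.strip() for l in key_text.strip().splitlines()]
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(OPENSSH_MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        # Container layout: magic, ciphername, kdfname, kdfoptions, nkeys, ...
        cipher, _ = _read_string(blob, len(OPENSSH_MAGIC))
        return "openssh", cipher.decode()
    if "PRIVATE KEY-----" in lines[0]:
        # Legacy PEM signals encryption via header lines before the base64 body.
        headers = [l for l in lines[1:] if ":" in l]
        encrypted = any(h.startswith("Proc-Type:") and "ENCRYPTED" in h for h in headers)
        dek = next((h.split(":", 1)[1].strip().split(",")[0]
                    for h in headers if h.startswith("DEK-Info:")), "none")
        return "pem", dek if encrypted else "none"
    raise ValueError("not a recognised private key file")


def is_passphrase_protected(key_text):
    return key_protection(key_text)[1] != "none"


def _openssh_stub(cipher, kdf):
    """Constructed minimal openssh-key-v1 container (headers only, no key material)."""
    def s(b):
        return struct.pack(">I", len(b)) + b
    body = OPENSSH_MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1) + s(b"") + s(b"")
    b64 = base64.b64encode(body).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"


SAMPLE_UNPROTECTED = _openssh_stub(b"none", b"none")            # ssh-keygen -N ""
SAMPLE_PROTECTED = _openssh_stub(b"aes256-ctr", b"bcrypt")     # passphrase set
SAMPLE_PEM_PROTECTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                        "DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\nAAAA\n"
                        "-----END RSA PRIVATE KEY-----\n")  # constructed legacy PEM stub
```

Run it over `~/.ssh/id_*` before loading a key into ssh-agent; a key reporting cipher `none` is the one to re-encrypt with `ssh-keygen -p`.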