[OpenAFS] ssh keys in my home directory and AFS

Derek Atkins warlord@MIT.EDU
05 Feb 2001 11:35:22 -0500

AFS does not encrypt data by default.  Unless you specifically set
your client to encrypt, it wont.  Therefore, if your ssh keys are in
AFS, they will possibly cross the network in clear, which means that
yes, anyone could sniff them.

Keep in mind that your SSH key is also encrypted, so you still have
another layer of protection...  Someone needs your SSH key and your
pass phrase.


Benjamin Gutierrez <benjamin@cypher.matem.unam.mx> writes:

> hello..
> I was wondering if whicle my home directory is distributed among servers
> and clients in a cell.. i keep my openssh keys in my .ssh
> subdirectory.. is it possible that someone intercepts them? i understand
> AFs and kerberos do strong authentication.. both whiel the data travels
> between a server and a client it goes clean?
> thanx a lot
> ben
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo.cgi/openafs-info

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available