Shutup and Code has a simply fantastic idea:
Another idea is having the phone store your password/ssh/gpg keyring, and maybe even do the crypto ops on the phone via bluetooth.
Yes! I don’t care what it would require of me — If there was a phone that could do this with my PowerBook, I would immediately buy it regardless of carrier, price or service plan. That would be such a killer feature!
You could store a private key on some of the existing bluetooth cell phones right now, but the integration with ssh-agent and gpg-agent would be difficult or impossible on the phone.
It might be possible right now to hack the agent programs to download the private key and authenticate on the local computer, but it would be nicer if the actual authentication could happen on the phone so that the local machine wouldn’t have to be trusted with the private key.
Posted by: kasei on September 28th, 2003 11:49 PM
couldn’t you just write an agent proxy (kinda like ssh acts as a proxy for the ssh-agent running on your local machine) that forwards ssh-agent and gpg-agent connections over bluetooth to the cellphone? i believe the agent protocol itself is very simple, as long as the cell phone is powerful enough to perform the requisite encryption operations.
Posted by: gary on September 30th, 2003 01:20 AM
That’s exactly what I had in mind, actually. But while some phones might have an open enough architecture to run the actual ssh-agent code on the phone, I don’t believe my T68i does.
And having it built-in would be nice ;)
Posted by: kasei on September 30th, 2003 02:59 AM
I’m not sure, but don’t you think some of the phones with a lot of memory that can be used for programs or pictures (like the Nokia 3650) could be used as storage space too?
The bluetooth module already supports fiile transfer, so it would be a question of writing a little program for the phone that could store the info you want it to store.
Posted by: Traveler on September 28th, 2003 12:45 PM