From owner-freebsd-security Fri Oct 11 14: 8:51 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 48C0E37B404 for ; Fri, 11 Oct 2002 14:08:49 -0700 (PDT) Received: from bubbles.electricutopia.net (bubbles.electricutopia.net [63.214.178.76]) by mx1.FreeBSD.org (Postfix) with ESMTP id CDB9F43E97 for ; Fri, 11 Oct 2002 14:08:48 -0700 (PDT) (envelope-from dave@slickness.org) Received: by bubbles.electricutopia.net (Postfix, from userid 1001) id 09BCE154AF; Fri, 11 Oct 2002 14:08:42 -0700 (PDT) Date: Fri, 11 Oct 2002 14:08:41 -0700 From: David Olbersen To: Nicholas Esborn Cc: freebsd-security@freebsd.org Subject: Re: Possible to get publickey fingerprint in sshd log messages? Message-ID: <20021011210841.GA20531@slickness.org> References: <20021011192131.GB18130@carbon.berkeley.netdot.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="gBBFr7Ir9EOA20Yy" Content-Disposition: inline In-Reply-To: <20021011192131.GB18130@carbon.berkeley.netdot.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --gBBFr7Ir9EOA20Yy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Thus spake Nicholas Esborn (nick@netdot.net): > The problem is that I can't tell which public key was used to gain entry. > Would a public key fingerprint in this message weaken security in some way > I'm missing? I've been wondering about this ability myself. Showing a PUBLIC key fingerprint shouldn't weaken security at all, should it? It would create the possibility of somebody sending your client encrypted messages, but I wonder how much of a problem that could be. --=20 David Olbersen Site: http://mp3s.mootech.net PGP Key: http://mootech.net/~dave/gpg-key.txt One hoopy frood who knows where his towel is. --gBBFr7Ir9EOA20Yy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD4DBQE9pz3ZrtSBoeosATgRAopQAJjcjYK2RgMDAiuE8Q2AM13ybn6hAKDwxLrQ 9IblqYi6V2y4KOOTsuJM6w== =KxxK -----END PGP SIGNATURE----- --gBBFr7Ir9EOA20Yy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message