Date: Fri, 6 Apr 2001 11:20:55 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Ted Mittelstaedt <tedm@toybox.placo.com> Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: RE: SSHD Problems... Message-ID: <Pine.GSO.4.31.0104061115110.14755-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <001701c0be68$fcdb98a0$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 6 Apr 2001, Ted Mittelstaedt wrote: > Also, I think even the security people will tell you that the practice of > passing the key during the _first_ initial connection via ssh basically > destroys the entire integrity of the ssh transaction - key passing is > supposed to be out-of-band, not in-band. You're referring to "remote server's key fingerprint is BLAH; accept?" Of course, all your users will refer to the printout they have of the signed email the sysadmin sent around giving the ner servers' fingerprints. Maybe you can't trust users to do this; but you ought to be able to trust a sysadmin to preinstall appropriate host keys or make the fingerprints available through other channels. It is, of course, true that if you don't understand ssh you can continue to use it blithely unaware of security problems that may have arisen. And people _do_ do that :-( - generally, though, MITM attacks against ssh require some concerted effort. If you consider that such a threat exists and is relevant in your situation, then you need to weigh it against the cost of user training* to get them to use the tools properly. jan * And sysadmin training, too. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287163 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk Generalisation is never appropriate. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.31.0104061115110.14755-100000>