Re: OpenSSH Assistance - New Admin
- From: Günther Schwarz <strap@xxxxxx>
- Date: Tue, 30 Sep 2008 08:12:47 +0200
Joe Pfeiffer wrote:
Günther Schwarz <strap@xxxxxx> writes:
He or she won't get a warning. The connection will simply break like
the one the OP posted. He might check if he changed the keys in
/etc/ssh during the upgrade.
Yes, you get a warning about a possible man-in-the-middle attack
because the key changed.
Sorry, I messed that up. You're right. But as the connection is closed
after the warning the user has no chance to correct the error without
verifying the new key settings with the server admin. This is a nasty
situation in a environment where lots of people log in with ssh. Email
is not trustworthy and snail mail is expensive. Recording the MD5 sum
of the new public key on an answering machine might do the trick.
Günther
.
- Follow-Ups:
- Re: OpenSSH Assistance - New Admin
- From: Joe Pfeiffer
- Re: OpenSSH Assistance - New Admin
- References:
- OpenSSH Assistance - New Admin
- From: Sealg
- Re: OpenSSH Assistance - New Admin
- From: Maxwell Lol
- Re: OpenSSH Assistance - New Admin
- From: Günther Schwarz
- Re: OpenSSH Assistance - New Admin
- From: Joe Pfeiffer
- OpenSSH Assistance - New Admin
- Prev by Date: Re: setting up lax security on one ethernet interface while leaving the other strict
- Next by Date: Setup avahi
- Previous by thread: Re: OpenSSH Assistance - New Admin
- Next by thread: Re: OpenSSH Assistance - New Admin
- Index(es):
Relevant Pages
|
