On 18 Aug 2013, at 05:13, Kai Hendry <hendry@xxxxxx> wrote:

> Genuinely lost me on this one. I think I have strong opinions how to
> manage ssh and servers, so I would like to share.

I guess the question needed context.

We have multiple users using ssh, with multiple machines, mostly dev/test or internal boxes. I want to ensure that when someone connects to a machine they have not had to use before, they are not presented with a fingerprint challenge they will blithely accept unthinkingly.

The design of ssh v2 makes a man in the middle attack hard - certificate based login makes it impossible (supposedly), even if you ignore step 1 - which is check server identity. However man in the middle isn't the only threat, users might simply copy data to the wrong machine.

The risk of this sort of issue is pretty small, on the other hand automating it takes out the annoyance and time of the fingerprint acceptance, and updating (at some point we will reinstall boxes, and obviously these keys need to be changed after a compromise and on relevant staff changes etc).

Oh and ultimately we will probably have to show the auditors we have a procedure which handles cryptographic keys correctly. If not now at some point.

Server fingerprints are one part, and it does seem everyone who cares uses DNS, but I thought asking might throw up options I hadn't considered or even thought of.

Next question - directory service folks use....

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
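The two approaches the message touches on, publishing host keys in DNS and pre-seeding users' known_hosts so nobody is asked to accept an unknown fingerprint, both come down to computing the same fingerprints that ssh-keygen and ssh compute. The following is an added example, not code from the poster or the list: it builds an SSHFP record (RFC 4255 and RFC 6594 formats, the same data `ssh-keygen -r <host>` prints), the SHA256:... fingerprint ssh shows in its prompt, and a hashed known_hosts line in the format OpenSSH writes with HashKnownHosts. The host name and the ssh-ed25519 public key are constructed for the demo; the key bytes are not a real key, only syntactically valid key material.

```python
import base64
import hashlib
import hmac
import os
import struct

# SSHFP algorithm numbers (RFC 4255, RFC 6594, RFC 7479) and fingerprint types.
SSHFP_ALGORITHMS = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
}
FP_SHA1, FP_SHA256 = 1, 2


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length prefix)."""
    return struct.pack(">I", len(data)) + data


def parse_pubkey_line(line: str):
    """Split an OpenSSH public-key line into (key type, raw key blob)."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not an OpenSSH public key line")
    key_type, blob = parts[0], base64.b64decode(parts[1])
    # The blob starts with its own type string; refuse a mislabelled key.
    (tlen,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + tlen].decode() != key_type:
        raise ValueError("key type label does not match key blob")
    return key_type, blob


def openssh_fingerprint(blob: bytes) -> str:
    """The SHA256:... fingerprint ssh prints in its host-key prompt:
    unpadded base64 of the SHA-256 of the raw key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def sshfp_record(hostname: str, pubkey_line: str, fp_type: int = FP_SHA256) -> str:
    """Build the SSHFP resource record that `ssh-keygen -r hostname` would print."""
    key_type, blob = parse_pubkey_line(pubkey_line)
    alg = SSHFP_ALGORITHMS[key_type]
    if fp_type == FP_SHA256:
        fp = hashlib.sha256(blob).hexdigest()
    elif fp_type == FP_SHA1:
        fp = hashlib.sha1(blob).hexdigest()
    else:
        raise ValueError("unknown SSHFP fingerprint type")
    return f"{hostname} IN SSHFP {alg} {fp_type} {fp}"


def hashed_known_hosts_entry(hostname: str, pubkey_line: str, salt=None) -> str:
    """Pre-seed one known_hosts line in HashKnownHosts form:
    |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=hostname)) <type> <key>."""
    salt = salt if salt is not None else os.urandom(20)
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    key_type, key_b64 = pubkey_line.split()[:2]
    return (f"|1|{base64.b64encode(salt).decode()}|"
            f"{base64.b64encode(mac).decode()} {key_type} {key_b64}")


def known_hosts_matches(entry: str, hostname: str) -> bool:
    """Check whether a hashed known_hosts entry was generated for hostname."""
    hashed = entry.split(" ", 1)[0]
    _, _, salt_b64, mac_b64 = hashed.split("|")
    salt = base64.b64decode(salt_b64)
    expected = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(expected, base64.b64decode(mac_b64))


# Constructed sample: a syntactically valid ssh-ed25519 public-key line whose
# 32 bytes of key material are just 0x00..0x1f (not a real key).
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_PUBKEY = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " root@devbox"

if __name__ == "__main__":
    host = "devbox.example.internal"  # assumed hostname for the demo
    print(sshfp_record(host, SAMPLE_PUBKEY))
    print(openssh_fingerprint(parse_pubkey_line(SAMPLE_PUBKEY)[1]))
    entry = hashed_known_hosts_entry(host, SAMPLE_PUBKEY)
    print(entry)
    print(known_hosts_matches(entry, host), known_hosts_matches(entry, "other.host"))
```

Publishing the SSHFP records is only half of the DNS route: clients need `VerifyHostKeyDNS yes` in ssh_config, and unless the DNS answer is DNSSEC-validated OpenSSH still shows the prompt (it only reports that a matching fingerprint was found). Shipping a pre-built known_hosts file, or a global /etc/ssh/ssh_known_hosts, avoids the prompt entirely, and regenerating it from the servers' own host key files is the step to repeat after a reinstall or a key rotation.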