Comments: Principle of Redundancy

You can generate a list of known_host fingerprints by

ssh-keygen -l -f $HOME/.ssh/known_hosts

You can also generate the fingerprint of the host public
keys by running:

ssh-keygen -l -f /etc/ssh/
ssh-keygen -l -f /etc/ssh/

(tested with OpenSSH 4.2p1).

After the initial "leap of faith" and installation of
authorized_keys, I use restrictive ssh client settings:

Host *
PasswordAuthentication no
StrictHostKeyChecking yes

(Does not invalidate your usability arguments though)

Posted by Emmanuel at February 22, 2008 09:35 PM
Post a comment

Remember personal info?

Hit Preview to see your comment.
MT::App::Comments=HASH(0x556113f26da8) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/ line 125.