[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HashKnownHosts

On Sat, Jul 02, 2005 at 11:42:40PM +0200, Marco d'Itri wrote:
> On Jul 02, Wouter Verhelst <wouter@debian.org> wrote:
> > Well, then the 'foundation of Internet security' is very weak, I'm
> > afraid. It's plain stupid to rely on someone else to get _your_ security
> > working correctly. Think about it.
> There is also the quite important point that even the most stupid of the
> attackers could just look at ~/.bash_profile instead and get all or most
> of the hostnames anyway, so I still do not see the benefits of enabling
> this option by default.

Also, this is not true in a world where many desktop users are using GUI
frontends to sftp or the like.

Colin Watson                                       [cjwatson@debian.org]

Reply to: