Re: [Fwd: Re: Debian SSH server configuration]

To: Debian User <debian-user@lists.debian.org>
Subject: Re: [Fwd: Re: Debian SSH server configuration]
From: Stephen R Laniel <steve@laniels.org>
Date: Wed, 26 Apr 2006 14:02:09 -0400
Message-id: <[🔎] 20060426180209.GA17297@whitehail.bostoncoop.net>
In-reply-to: <[🔎] 444FB8D0.5020305@antibodymx.net>
References: <[🔎] 444ECC2D.7070200@aol.com> <[🔎] 20060426181237.GA4241@galactic.demon.co.uk> <[🔎] 444FB8D0.5020305@antibodymx.net>

On Wed, Apr 26, 2006 at 08:15:44PM +0200, Martin A. Brooks wrote:
> Not so much "fractionally less secure" as "insecure". If the machine 
> containing the private key is compromised so, potentially, is every 
> machine that the public key has been distributed too.

Though if you want to prevent one machine's compromise
from compromising another machine, set HashKnownHosts. Then,
at least, people won't be able to guess your other machines
once they've broken your current machine.

-- 
Stephen R. Laniel
steve@laniels.org
Cell: +(617) 308-5571
http://laniels.org/
PGP key: http://laniels.org/slaniel.key

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- [Fwd: Re: Debian SSH server configuration]
  - From: Bruce Corbin <brucefla@aol.com>
- Re: [Fwd: Re: Debian SSH server configuration]
  - From: amacater@galactic.demon.co.uk (Andrew M.A. Cater)
- Re: [Fwd: Re: Debian SSH server configuration]
  - From: "Martin A. Brooks" <martin@antibodymx.net>

Prev by Date: Re: [Fwd: Re: Debian SSH server configuration]
Next by Date: Re: [Fwd: Re: Debian SSH server configuration]
Previous by thread: Re: [Fwd: Re: Debian SSH server configuration]
Next by thread: Re: [Fwd: Re: Debian SSH server configuration]
Index(es):
- Date
- Thread