[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: Re: Debian SSH server configuration]

On Wed, Apr 26, 2006 at 08:15:44PM +0200, Martin A. Brooks wrote:
> Not so much "fractionally less secure" as "insecure". If the machine 
> containing the private key is compromised so, potentially, is every 
> machine that the public key has been distributed too.

Though if you want to prevent one machine's compromise
from compromising another machine, set HashKnownHosts. Then,
at least, people won't be able to guess your other machines
once they've broken your current machine.

Stephen R. Laniel
Cell: +(617) 308-5571
PGP key: http://laniels.org/slaniel.key

Attachment: signature.asc
Description: Digital signature

Reply to: