Am 26.11.2019 um 22:11 schrieb Jerry Draper <midrangel@xxxxxxxxxxxxx>:
I know that the private key needs to be secured but with an ssh keyexchange connection the partner needs your public key in their
authorized_keys file and the partner's RSA fingerprint needs to be in your
Yes but the entry in authorized_keys is usually not further restricted.
You can restrict there to certain commands and source IP addresses, though.
The fingerprint just prevents tampering if the remote system pretends to
be someone else. If a possible attacker got hold of the privkey, he needs
just to connect, accept the host fingerprint.
Given that probably any system is breakable the ssh key exchange offersa pretty good solution.
Yes, it does, most preferably to passwords. I'm just pointing out that
even with keys is a chance to have a system becoming compromised.
PGP-Key: DDD3 4ABF 6413 38DE - https://www.pocnet.net/poc-key.asc
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
Please contact support@xxxxxxxxxxxx for any subscription related
Help support midrange.com by shopping at amazon.com with our affiliate
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.