On 27-07-20, Giancarlo Razzolini via aur-general wrote: > Em julho 27, 2020 21:03 Gaetan Bisson escreveu: > > > > It's quite unsettling that we seem to be rushing to write a news post > > while this very reasonable suggestion remains completely ignored. > > > > It wasn't ignored. They keys were deliberately changed in the process.
Ok, thanks, now I know it was intended and not just an oversight. The root issue is of course the host / service confusion, but there's not much that can be done about it if everything runs on port 22. From a user perspective, it's the same service running under the same name (aur.archlinux.org), so it should keep using the same key after the migration. From an sysadmin perspective, these are two different hosts, so they should use different keys. When thinking service first, it's not a problem to have the same key on multiple machines. Think about github.com or gitlab.com: they must have tens of machines with the same host key. If a single one is compromised, they lose the key, but all machines likely have the same attack surface anyway. Anyway, in the end, it's not surprising you chose the sysadmin perspective, and the old/new servers don't seem to have the same attack surface. Baptiste PS: I didn't know about UpdateHostKeys and it looks really useful, thanks for pointing it out!
signature.asc
Description: PGP signature
