On 2011-07-13 8:36 AM, Andy Steingruebl wrote:
I reject the SSH key management example though. Especially if you've
ever maintained a large number/variety of unix servers running SSH,
where hardware failures, machine upgrades, etc. lead to frequent SSH
key churn. In those cases the only solutions are:
1. Automate key distribution to things like the /etc/known_hosts file
via means that aren't built into or supported by SSH itself really,
they are an adhoc add-on.
2. Go to insane pains to ensure that keys don't ever change. Quite
tricky when you're trying to automate OS installs, etc.
3. Use keys-in-DNS for this, which defaults back to something quite
easy to attack.
4. Give up. Accept all keys without fail and just assume you're not
getting owned.
Option 2 does not seem to require "insane pains", It is less horrid
than installing an SSL certificate.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
