On Saturday 19 September 2009 10:57:43 am Gary V. Vaughan wrote: > Now that I think about it, isn't this a bug (tweaking the script > from my last post slightly)?
No. The entire security of SSH/SFTP/SSL comes from having the public key. If you just trust whatever key it sends, it is vulnerable to man-in-the-middle attacks.
