On Thu, 3 Apr 2008 12:23:34 -0500 Dave Sherohman <[EMAIL PROTECTED]> wrote:
[snip] > When using public key auth, copy *only* your public key to the server. > (ssh-copy-id is a handy way to automate this.) So long as your private > key remains secure, there is very little risk to an attacker getting > their hands on the public key - that's kind of the point of public key > crypto, after all. Unless they take the time to successfully factor the > public key, there is no way it can be used to attack your systems; the > worst they could do with it is grant you access to their server and run > a keylogger there. And IIUC, that's what ~/.ssh/known_hosts is all about; if an attacker's machine presents your public key to you, ssh will give you a scary warning about the IP / public key mismatch. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
