On 25 Dec, David O'Brien wrote:
> On Fri, Dec 22, 2000 at 11:28:07PM -0800, Kris Kennaway wrote:
>> Incorrect..the problems with SSH come down to flaws in the human
>> operator who ignore the warnings SSH gives them, and tell it
>> explicitly to do insecure things like connect to a server which is
>> suddenly not the one you're used to connecting to.
>
> And we, the FreeBSD Project, don't do a thing to help this situation.
> We change the SSH keys on the freebsd.org machines left and right w/o
> *ANY* notice to committers that they have been changed. So we've trained
> our own committers to have sloppy habits that could lead a malicious code
> added to the FreeBSD CVS source repository.
>
Is this correct?????
Can anyone confirm this.
A message by Wes Peters suggests it to be so.
JKH, DG, CORE respond.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
