Bugtraq mailing list archives
Re: "The End of SSL and SSH?"
From: "Perry E. Metzger" <perry () WASABISYSTEMS COM>
Date: Wed, 20 Dec 2000 18:59:39 -0500
Alfred Perlstein <bright () wintelcom net> writes:
If this is truly the extent of the flaw Mr. Seifried things requires a full PKI to fix, I'd like to know why setting StrictHostKeyChecking yes isn't a near-complete fix to the "End of SSH" Mr. Seifried predicts.
[...]
And yes, his prediction is based on the stupidity and carelessness of users who are pavlovian trained to click/reply "YES, I don't care about this problem" when confronted with a dialog box no matter how dire the warning in the dialogue.
But setting StrictHostKeyChecking to "yes" means you aren't prompted any more. In any case, that's an application issue, not a protocol issue. Perry -- Perry E. Metzger perry () wasabisystems com -- Quality NetBSD CDs, Support & Service. http://www.wasabisystems.com/
Current thread:
- Re: "The End of SSL and SSH?", (continued)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 19)
- Re: "The End of SSL and SSH?" Stefan Monnier (Dec 20)
- Re: "The End of SSL and SSH?" Brett Glass (Dec 20)
- Re: "The End of SSL and SSH?" Crispin Cowan (Dec 20)
- Re: "The End of SSL and SSH?" Ajax (Dec 20)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Damien Miller (Dec 21)
- Re: "The End of SSL and SSH?" Ryan Russell (Dec 21)
- Re: "The End of SSL and SSH?" Michael H. Warfield (Dec 20)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 21)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Samuele Giovanni Tonon (Dec 21)
- Re: "The End of SSL and SSH?" - mongo followup Kurt Seifried (Dec 24)
- Re: "The End of SSL and SSH?" Darren Reed (Dec 21)
- Re: "The End of SSL and SSH?" Klaus Moeller (Dec 22)