On 2013-03-25 02:53, Holger Parplies wrote: > actually, don't. StrictHostKeyChecking is on by default for a good reason. > Without it, you're vulnerable to MITM attacks,
Which in the case of SSH key authentication, means only that the data crossing the SSH tunnel could be read. While that's bad, especially if backing up /etc/shadow on an older server with md5 password hashes, it's not nearly as dangerous as a MITM attack with password authentication. Don't do it if you don't understand the risks. In this case, I think it's a fair trade - convenience versus a very rare risk. Regards, Tyler -- "Privacy has to be viewed in the context of relative power. For example, the government has a lot more power than the people. So privacy for the government increases their power and increases the power imbalance between government and the people; it decreases liberty. Forced openness in government – open government laws, Freedom of Information Act filings, the recording of police officers and other government officials, WikiLeaks – reduces the power imbalance between government and the people, and increases liberty." -- Bruce Schneier ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
