On Thu, Feb 17, 2011 at 07:30:23PM +0100, Henning Thielemann wrote: > Do you think it is paranoid? Unfortunately it has become quite common to > ignore SSH warnings because admins often do not care about restoring > keys when updating the operating system or moving the machine, even not > telling users that the host key has changed. But if I had ignored the > SSH warning on code.haskell.org recently I might have logged in and from > there maybe to other servers, thus giving my passwords to the attackers. > I think generally that just deleting a host from known_hosts in response > to an SSH warning and blindly accepting a new host key is not a fix. Am > I too afraid?
If sshd has been compromised, so is the original host private key. It would be kind of pointless (security wise) to restore it on the new server. -- Vincent _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe