Hi,

+-From: Dale Anderson <rmtc...@gmail.com> --
 |_Date: Mon, 13 Jun 2011 00:32:08 -0700 ____
 |
 |1. With regards to "StrictHostKeyChecking" are there any scenarios where it
 |might be better to set it to "no" rather than "yes"?
 |2. My Java program that would use JSCH would SFTP files to our Internal SFTP
 |server. Is this file transfer also vulnerable to 'man in the middle' attack?
 |ie: In this case should I check for "StrictHostKeyChecking" or would it be
 |an overkill?

It depends on your environment and the security policy.
We must not suggest setting it to "no" for our customers, but
if you don't have to care for DNS spoofing, IP spoofing, etc.,
you may want to do so.

Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
    +1-415-578-3454
Skype callto://jcraft/
Twitter: http://twitter.com/ymnk
Facebook: http://facebook.com/aymnk

_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users
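An added example, not part of the original messages and not JCraft's own code: a JSch SFTP upload that keeps "StrictHostKeyChecking" at "yes" and fails closed when the server's key is missing from, or differs from, a known_hosts file. The host name, user name, known_hosts path and SFTP_PASSWORD environment variable are assumed placeholders.

```java
import com.jcraft.jsch.ChannelSftp;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.SftpException;

public class StrictSftpUpload {
    // Assumed placeholder values, not taken from the thread.
    static final String HOST = "sftp.internal.example";
    static final int PORT = 22;
    static final String USER = "transfer";
    static final String KNOWN_HOSTS =
            System.getProperty("user.home") + "/.ssh/known_hosts";

    public static void main(String[] args) {
        if (args.length != 2) {
            System.err.println("usage: StrictSftpUpload <local-file> <remote-path>");
            System.exit(2);
        }
        int rc = 0;
        Session session = null;
        ChannelSftp sftp = null;
        try {
            JSch jsch = new JSch();
            // Trusted keys, populated out of band before the first connection.
            jsch.setKnownHosts(KNOWN_HOSTS);
            session = jsch.getSession(USER, HOST, PORT);
            session.setPassword(System.getenv("SFTP_PASSWORD"));
            // "yes": connect() throws unless the server key matches known_hosts.
            // "no" would accept whatever key the peer presents, so a spoofed
            // DNS answer or IP address would go unnoticed.
            session.setConfig("StrictHostKeyChecking", "yes");
            session.connect(10000);
            sftp = (ChannelSftp) session.openChannel("sftp");
            sftp.connect(10000);
            sftp.put(args[0], args[1]);
        } catch (JSchException e) {
            // Covers a rejected or unknown host key as well as auth/network errors.
            System.err.println("SSH failure, nothing was sent: " + e.getMessage());
            rc = 1;
        } catch (SftpException e) {
            System.err.println("SFTP transfer failed: " + e.getMessage());
            rc = 1;
        } finally {
            if (sftp != null) sftp.disconnect();
            if (session != null) session.disconnect();
        }
        System.exit(rc);
    }
}
```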