From: John Leo john...@checkssh.com
Subject: [FD] SSH host key fingerprint - through HTTPS
Date: Mon, 01 Sep 2014 12:41:17 +0800
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can know
for sure by using this tool
Hi,
On 1 Sep 2014, at 10:43, Stephanie Daugherty sdaughe...@gmail.com wrote:
Sure it shows me the fingerprint, but it doesn't tell me for sure if that's
the RIGHT fingerprint or the fingerprint of an imposter,
It's entirely possible that both myself and that site are BOTH falling
victim to
On 01/09/14 10:43, Stephanie Daugherty wrote:
Sure it shows me the fingerprint, but it doesn't tell me for sure if that's
the RIGHT fingerprint or the fingerprint of an imposter,
It's entirely possible that both myself and that site are BOTH falling
victim to a MITM attack.(routing attacks,
W dniu 01.09.2014 o 17:16, Chris Nehren pisze:
It's Monday and I haven't had my tea yet, so maybe I'm missing
something. What is it?
It rules out the possibility, that your ssh connection is being MITMed.
If key reported by your ssh client is different than key reported by
this website,
If your HTTPS is not being MiTMed as well... (or the edge case - if it
is not John Leo doing the MiTMing of your SSH connection :)
If you trust Mr Leo *and* you know what that HTTPS cert should look
like, it may be of use. Personally, I'd rather do it more out-of-band
than this, but could be
over TOFC, particularly when more robust alternatives (MonkeySphere,
signed host keys, use of an organization's own HTTPS site) exist and are
clearly superior.
On Mon, Sep 1, 2014 at 12:41 AM, John Leo john...@checkssh.com
mailto:john...@checkssh.com wrote:
This tool displays SSH host key
Nice to hear from you!
I can only wish your suggestion is widely implemented. And don't forget those
machines without domain.
Best Wishes,
On 2014-9-2 04:21, Jeroen van der Ham wrote:
Hi,
On 1 Sep 2014, at 10:43, Stephanie Daugherty sdaughe...@gmail.com wrote:
Sure it shows me the
Thanks. Yes, your suggestion is cool.
Best Wishes,
On 2014-9-1 19:41, Micha Borrmann wrote:
Nice tool, but it is also possible, to use DNSSEC to validate SSH
fingerprints, which is much more comfortable and more secure.
Am 01.09.2014 um 06:41 schrieb John Leo:
This tool displays SSH host key
Personally I feel more comfortable with CA.
Best Wishes,
On 2014-9-2 02:48, maxigas wrote:
From: John Leo john...@checkssh.com
Subject: [FD] SSH host key fingerprint - through HTTPS
Date: Mon, 01 Sep 2014 12:41:17 +0800
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can know for sure
by using this tool. It means you know precisely how to answer this question:
The authenticity of host 'blah.blah.blah (10.10.10.10)' can't be established
Nice tool, but it is also possible, to use DNSSEC to validate SSH
fingerprints, which is much more comfortable and more secure.
Am 01.09.2014 um 06:41 schrieb John Leo:
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can
On Mon, Sep 01, 2014 at 12:41:17 +0800, John Leo wrote:
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can know
for sure by using this tool. It means you know precisely how to answer
this question:
The authenticity
12 matches
Mail list logo