W dniu 01.09.2014 o 17:16, Chris Nehren pisze:
It's Monday and I haven't had my tea yet, so maybe I'm missing
something. What is it?
It rules out the possibility, that your ssh connection is being MITMed.
If key reported by your ssh client is different than key reported by
this website,
If your HTTPS is not being MiTMed as well... (or the edge case - if it
is not John Leo doing the MiTMing of your SSH connection :)
If you trust Mr Leo *and* you know what that HTTPS cert should look
like, it may be of use. Personally, I'd rather do it more out-of-band
than this, but could be
Thanks. Yes, your suggestion is cool.
Best Wishes,
On 2014-9-1 19:41, Micha Borrmann wrote:
Nice tool, but it is also possible, to use DNSSEC to validate SSH
fingerprints, which is much more comfortable and more secure.
Am 01.09.2014 um 06:41 schrieb John Leo:
This tool displays SSH host key
Nice tool, but it is also possible, to use DNSSEC to validate SSH
fingerprints, which is much more comfortable and more secure.
Am 01.09.2014 um 06:41 schrieb John Leo:
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can
On Mon, Sep 01, 2014 at 12:41:17 +0800, John Leo wrote:
This tool displays SSH host key fingerprint - through HTTPS.
SSH is about security; host key matters a lot here; and you can know
for sure by using this tool. It means you know precisely how to answer
this question:
The authenticity of