Scenario:
We have a site that is strictly ssh, no cleartext password services are
running. A user travels to a remote site for a conference, carrying with
her a laptop that has been loaded with ssh so she may connect to her account
at home to read her mail and do whatever else. Her laptop, of course, works
when it is plugged into the network at our home site. But, at the
conference, she plugs her laptop into the remote network and receives an IP
assignment, perhaps statically or via dhcp, and tries to ssh home. What
happens? Will she get through?
At present, I've configured sshd to do StrictHostChecking. Why? Because I
don't know any better and I figure being more restrictive at the beginning
is a good place to start until I understand the implications of removing it.
I am, of course, interested in the solution, but I am also interested in any
comments, good or bad, you may have.
Thanks! Ken
