Hi Wolfgang, Wolfgang S. Rupprecht wrote on Wed, Nov 15, 2006 at 04:53:55PM -0800: [..] > > +the responsibility of verifying host keys, and users do no longer need to > > +maintain known_hosts files of their own. ^^^^^^^^^^^ [..] > I would hate to have my ssh allow anyone in just because we used the > same CA. I still see the authorized_keys file as having a very > important role even if the first layer defense is to check if the > certificate is signed by a CA I trust. [..] Are you, by any chance, mixing up "known_hosts" and "authorized_keys"? Cheers, DanielReceived on Thu Nov 16 2006 - 13:17:35 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:02 UTC