Re: Possible to get publickey fingerprint in sshd log messages?
From: David Olbersen (dave@slickness.org)
Date: 10/11/02
- Next message: Peter Jeremy: "Re: access() is a security hole?"
- Previous message: Nicholas Esborn: "Possible to get publickey fingerprint in sshd log messages?"
- In reply to: Nicholas Esborn: "Possible to get publickey fingerprint in sshd log messages?"
- Next in thread: Jason Stone: "Re: Possible to get publickey fingerprint in sshd log messages?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 11 Oct 2002 14:08:41 -0700 From: David Olbersen <dave@slickness.org> To: Nicholas Esborn <nick@netdot.net>
Thus spake Nicholas Esborn (nick@netdot.net):
> The problem is that I can't tell which public key was used to gain entry.
> Would a public key fingerprint in this message weaken security in some way
> I'm missing?
I've been wondering about this ability myself.
Showing a PUBLIC key fingerprint shouldn't weaken security at all,
should it? It would create the possibility of somebody sending your
client encrypted messages, but I wonder how much of a problem that could
be.
-- David Olbersen <dave@slickness.org> Site: http://mp3s.mootech.net PGP Key: http://mootech.net/~dave/gpg-key.txt One hoopy frood who knows where his towel is.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Peter Jeremy: "Re: access() is a security hole?"
- Previous message: Nicholas Esborn: "Possible to get publickey fingerprint in sshd log messages?"
- In reply to: Nicholas Esborn: "Possible to get publickey fingerprint in sshd log messages?"
- Next in thread: Jason Stone: "Re: Possible to get publickey fingerprint in sshd log messages?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
