Y
Hacker News
new
|
ask
|
show
|
jobs
by
fidget
3294 days ago
There are other bad things about ssh. Tofu sucks balls and ssh users are far too comfortable with it.
3 comments
voltagex_
3294 days ago
Had to look it up.
https://en.wikipedia.org/wiki/Trust_on_first_use
What would you replace it with?
link
transitorykris
3294 days ago
Signed keys. Here's an example of how to do it from Digital Ocean:
https://www.digitalocean.com/community/tutorials/how-to-crea...
link
arghwhat
3294 days ago
Well, feel free to come up with a better solution. 3rd party trust roots are
way
worse.
link
madmulita
3294 days ago
The server key can be signed by a trusted authority, no need to trust on first use.
link
What would you replace it with?