by jakobegger 2715 days ago
There is already a solution to this problem, which is host key certificates.

All you need to do is configure your SSH client to accept only host keys signed by your CA.

However, setting that up is complicated. You need a lot of knowledge to set that up securely. On the other hand, manual verification of host keys is trivial -- anybody can compare a short string of characters.

2 comments

Trivial but who does that when? I never even learnt what I should compare that with and just accepted everything (and have been safe that way).

The best way to ensure that keys are correct is to git a file like .ssh/known_hosts2 and add known keys to that file before you connect to the server.

How you get the public key is up to you, but they are located in /etc/ssh/ on the server, or given to you when creating the server.

ssh-keyscan can scan a host and print the keys as well.

If you also add the servers to .ssh/config you also get tab completion.

It takes a bit more work to do, but it feels much safer afterwards, and it's a good routine.
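
The pinning routine described in the comment above, as an added example that is not part of the original thread: it takes ssh-keyscan-style lines, computes each key's SHA256 fingerprint in the format OpenSSH prints, and keeps only the keys whose fingerprint matches one obtained out of band. The host name and keys are constructed, and `pin`, `sample_key` and `scan_line` are hypothetical helpers.

```python
import base64, hashlib, struct

def parse_key_line(line):
    """Split one 'host keytype base64blob' line (ssh-keyscan / known_hosts format)."""
    host, keytype, blob_b64 = line.split()[:3]
    blob = base64.b64decode(blob_b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key type does not match key blob")
    return host, keytype, blob

def fingerprint(blob):
    """SHA256 fingerprint as OpenSSH prints it: unpadded base64 of the digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def pin(scanned_lines, trusted):
    """Keep only scanned keys whose fingerprint is in `trusted` (host -> set of
    fingerprints obtained out of band); everything else is reported, not pinned."""
    accepted, rejected = [], []
    for line in scanned_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, keytype, blob = parse_key_line(line)
        if fingerprint(blob) in trusted.get(host, set()):
            accepted.append(line)
        else:
            rejected.append((host, keytype, fingerprint(blob)))
    return accepted, rejected

def sample_key(seed):
    """Constructed ed25519-shaped blob for the demo, not a real host key."""
    raw = bytes((seed + i) % 256 for i in range(32))
    return struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw

def scan_line(host, blob):
    """Format a constructed blob the way ssh-keyscan prints a key."""
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"

if __name__ == "__main__":
    good, other = sample_key(1), sample_key(2)
    scan = [scan_line("server.example", good), scan_line("server.example", other)]
    ok, bad = pin(scan, {"server.example": {fingerprint(good)}})
    print("append to known_hosts:", ok)
    print("rejected:", bad)
```

The rejected list carries the fingerprint that was actually seen, which is the value to compare by hand against the server's own copy.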

Your solution is that a system you trust is impossible to compromise? That seems unreasonably optimistic.