|
|
|
|
|
|
by csours
2291 days ago
|
|
|
I can't edit anymore, but I've thought about this all day, and I think it comes back to trust. It is easy to configure weak keys or keys without passphrases or all sorts of things that you don't want exposed to the internet. Or your server may have poor config so you don't even want people to know that your server exists. I do wonder, though if it is possible to do use whitelisted features of ssh, like strong keys with strong passphrases, good crypto libraries, etc. I mean people already type their passwords into a browser. |
|
|