|
|
|
|
|
|
by jcarrano
1126 days ago
|
|
|
That makes more sense, but then, in any case, you should be transmitting public keys over a medium that is authenticated in some form. Otherwise, an attacker could simple replace the key by theirs. The advantage of this method is that it works without supervision. If the attacker just replaced the key, they would have to attempt to login in the narrow window between installation and it being replaced because it does not work. |
|
|