|
|
|
|
|
|
by necovek
1087 days ago
|
|
|
Another point worth bringing up: it'd be nice if we set up either a PGP-like trust ring for host SSH signatures, or relied on a set of CAs like we do for TLS. Something as simple as confirm-fingerprint-over-https (eg. look for https://ssh-host/.host-ssh-fingerprint) could work if enough ssh clients used it. |
|
|