|
|
|
|
|
|
by tptacek
291 days ago
|
|
|
SSH has always relied on key continuity for this problem; you're exposed when you're first introduced to a host (on a particular client) but then fine from that point on. This of course breaks down with cattle fleets where ~most logins are to hosts you've never hit before, which is why cattle fleets tend to use SSH PKI. |
|
|
I think passkeys resolve that, even though it's more of a human issue than a technical issue :-).