by icedchai 77 days ago
I've been using SSH since 1996 and I've never once seen anyone actually verify a public key manually like that. If they can MITM your SSH server, why can't they MITM your internal web site? In common practice, TOFU is type "yes" and YOLO.