Hacker News new | ask | show | jobs
by PhilipRoman 44 days ago
If you blindly TOFU ssh sessions, those can be pwned easily in many common use cases. Legacy software configurations like NFS with IP authentication will be bypassed. Realistically the most likely scenario is using your home as a VPN, or a DDOS node.
1 comments
raggi 44 days ago
yeah, and it's not like people recently launched a coffee shop that accepts payments over tofu ssh and a shell provider doing the same
link