[rescue] SSH through firewall
Scott Newell
rescue at sunhelp.org
Wed Dec 12 11:19:27 CST 2001
>~ Is there a better way? Any ssh clients that allow multiple
>~ host keys for a host?
>~
>
>I'm no expert, but wouldn't that weaken SSH? The host key is God.
Would it? Instead of always assuming that host secure.net has key #1,
you'd still check to be sure that:
host secure.net on port 22 has key #1
host secure.net on port 1022 has key #2
host secure.net on port 2022 has key #3
host secure.net on port 3022 has key #4
Multiple keys per hosts, but each key is associated with that host _and_
port number. Or does these scheme leave a big hole for a man in the middle
attack?
newell
More information about the rescue
mailing list