If a narrow, trusted channel is needed (for example, there is an usb key to take
Question
If a narrow, trusted channel is needed (for example, there is a USB key to take data between the machines), it is okay.
Although SSH will throw a big error if it tries to connect to a server pretending to be another one (RSA fingerprint won't match), it can't happen if the servers don't know each other (also, they don't know each other's keys). In this case - also before the first connection - a MitM attack is possible, AFAIK.
The best would be a command sequence on both sides, which generates the needed keys on both sides.
Explanation / Answer
If the servers do not know each other then every connection is in theory unsecured. You can have a list of known servers, distribute it in your environment and prevent users from establishing connections with unknown servers.
To further protect yourself, you can add the server's fingerprint to a DNS record and require additional verification during connection.
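The DNS fingerprint the answer mentions is an SSHFP record (RFC 4255/7479): a hash of the server's public host key, published under the host's name so a client can check the key the server presents before the first connection. The following is an added example, not code from the original post: it builds the SHA-256 SSHFP record for an OpenSSH public key (what `ssh-keygen -r` prints) and checks a presented key against it. The keys and hostname are constructed for the example and belong to no real host.

```python
import base64
import hashlib
import hmac
import struct

# RFC 4255 / 6594 / 7479 algorithm numbers and the SHA-256 fingerprint type.
SSHFP_ALGORITHM = {"ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3, "ssh-ed25519": 4}
SSHFP_SHA256 = 2  # fingerprint type 1 is SHA-1; prefer type 2

def parse_openssh_pubkey(line: str):
    """Return (key_type, raw_blob) from a 'type base64 [comment]' line."""
    key_type, b64 = line.split()[:2]
    blob = base64.b64decode(b64)
    # The blob begins with a length-prefixed copy of the key type; verify it.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode() != key_type:
        raise ValueError("key type inside blob does not match text prefix")
    return key_type, blob

def sshfp_record(hostname: str, pubkey_line: str) -> str:
    """Build the SHA-256 SSHFP record, as `ssh-keygen -r <hostname>` would."""
    key_type, blob = parse_openssh_pubkey(pubkey_line)
    digest = hashlib.sha256(blob).hexdigest()
    return f"{hostname} IN SSHFP {SSHFP_ALGORITHM[key_type]} {SSHFP_SHA256} {digest}"

def host_key_matches_record(pubkey_line: str, record: str) -> bool:
    """Client-side check: does the presented host key match the DNS record?"""
    key_type, blob = parse_openssh_pubkey(pubkey_line)
    fields = record.split()  # host IN SSHFP <alg> <fptype> <hex>
    alg, fptype, fp = int(fields[3]), int(fields[4]), fields[5].lower()
    if alg != SSHFP_ALGORITHM.get(key_type) or fptype != SSHFP_SHA256:
        return False
    return hmac.compare_digest(hashlib.sha256(blob).hexdigest(), fp)

def make_ed25519_pubkey_line(raw32: bytes, comment: str) -> str:
    """Constructed OpenSSH Ed25519 public key line from 32 arbitrary bytes."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw32
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

# Constructed sample keys (not real hosts): the genuine host key, and a
# different key such as one a man-in-the-middle would present.
GENUINE_KEY = make_ed25519_pubkey_line(bytes(range(32)), "constructed-host-a")
IMPOSTOR_KEY = make_ed25519_pubkey_line(bytes(range(32, 64)), "constructed-other")
RECORD = sshfp_record("host-a.example.com.", GENUINE_KEY)

if __name__ == "__main__":
    print(RECORD)
    print("genuine matches:", host_key_matches_record(GENUINE_KEY, RECORD))
    print("impostor matches:", host_key_matches_record(IMPOSTOR_KEY, RECORD))
```

OpenSSH performs this check with `VerifyHostKeyDNS yes` in `ssh_config`, but it only treats the record as authoritative when the resolver returns it DNSSEC-validated; otherwise the user is still prompted, so unsigned zones give no real protection against the MitM described in the question.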