Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
fragmede
on Sept 22, 2023
|
parent
|
context
|
favorite
| on:
TOFU: Do You Check?
Especially since they're distributable via DNS. If your server has an entry in DNS, you shouldn't need to confirm host key.
pritambaral
on Sept 23, 2023
[–]
If the MITM is in the client's LAN, DNS can be spoofed too. A simpler solution would be to just use SSH certs for host keys.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
