-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Peter" == Peter Cordes <[EMAIL PROTECTED]> writes:
Peter> It is secure when you have put the public key on the remote Peter> machine already. SSH is only vulnerable to man-in-the-middle when Peter> you first connect to a host, and accept the host-key. Don't you mean "when you have put the public key on the *local* machine already"? i.e. you have a local copy of the server's public key? AFAIK, putting a copy of your personal public key on the server doesn't really gain you much. Perhaps you were just typing too fast, because your next sentence confirms that you want to have the remote's public key on your local machine. And just to nitpick, ssh is also vulnerable to man-in-the-middle if you just blindly accept host key changes (although most recent ssh versions severely discourage such behaviour). - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/651854DF71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Please encrypt *all* e-mail to me. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7hzOoZRhU33H9o38RAoWQAJ0b/ROjvq9iLxx18H0C6ZEAiexWjgCgt4CK id2MXEC7iu4moTtjz9K8gmU= =Y2Eh -----END PGP SIGNATURE-----
