Openssl and openssh
ew-ssh at kegger.national-security.net
ew-ssh at kegger.national-security.net
Thu Aug 1 23:21:00 EST 2002
Ahh, ok; thank you. So basically only those servers who have public key
entries in my authorized_hosts[2] would be able to exploit the ssl
vulnerability? I suppose those who have an entry in my authorized_keys
already get access to the box, so why exploit it.
Thank you!
On Thu, 1 Aug 2002, Florian Weimer wrote:
> ew-ssh at kegger.national-security.net writes:
>
> > What does Weimer mean by "server"? Usually public keys are sitting right
> > next to the private ones.
>
> In order to use public key authentication, you have to put the public
> keys into some authorized_keys/ssh_known_hosts file on the server.
> That's what I meant.
>
>
More information about the openssh-unix-dev
mailing list