[cvsnt] Re: Where to read on ssh and ssh1 used by cvsnt?
Tony Hoyle
tmh at nodomain.org
Wed Oct 6 01:49:00 BST 2004
Siegfried Heintze wrote:
> Where can I read more about this? Whose implementation of ssh are we using
> here? Am I using the ssh that comes with Cygwin or an implementation built
http://www.chiark.greenend.org.uk/~sgtatham/putty/
> I guess the problem is that there is no verisign certificate server. Is
> there anyway to be sure that the computer is the computer I think it is
> without paying for ssl?
ssh predates verisign extortion by many years. Just make sure it's
right the first time, and it'll tell you immediately if the certificate
changes.
If you're particularly paranoid, get the admin of the remote site to
give you its public key over a secure channel ( = meet him, make sure it
*is* him, and get him to give you a floppy or usb key with it on) then
when you connect if it doesn't match refuse the conneciton.
Tony
More information about the cvsnt
mailing list