SSH DSA logins on crank.

Gary Oberbrunner garyo at oberbrunner.com
Wed May 21 08:36:32 EDT 2008


Carl-Daniel Hailfinger wrote:
> What happens to those who never logged in *from* a Debian/Ubuntu
> machine? There's no reason to not let them keep their DSA key.

The point, iiuc, is that if even one such key was sniffed, crank is 
compromised.  At least that user's account, which is dangerous enough.

-- 
Gary Oberbrunner



More information about the Devel mailing list