[Haskell-cafe] Status update on {code, trac, projects, planet, community}.haskell.org

Vincent Hanquez tab at snarc.org
Thu Feb 17 19:54:27 CET 2011


On Thu, Feb 17, 2011 at 07:30:23PM +0100, Henning Thielemann wrote:
> Do you think it is paranoid? Unfortunately it has become quite common to
> ignore SSH warnings because admins often do not care about restoring
> keys when updating the operating system or moving the machine, even not
> telling users that the host key has changed. But if I had ignored the
> SSH warning on code.haskell.org recently I might have logged in and from
> there maybe to other servers, thus giving my passwords to the attackers.
> I think generally that just deleting a host from known_hosts in response
> to an SSH warning and blindly accepting a new host key is not a fix. Am
> I too afraid?

If sshd has been compromised, so is the original host private key. It would be
kind of pointless (security-wise) to restore it on the new server.

-- 
Vincent
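
Added example, not part of either message above: since a rebuilt server gets a fresh host key, the client-side check is to compare the key the server now offers against a fingerprint obtained out of band before replacing the known_hosts entry. The sample keys, the `PUBLISHED` value and all function names are constructed for illustration; the assumption is that the admins announce the new SHA256 fingerprint through a separate trusted channel.

```python
import base64
import hashlib
import hmac
import struct

def wire_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def key_blob(pubkey_line: str) -> bytes:
    """Decode the blob of an 'algo base64 [comment]' public key line and check
    that the algorithm named inside the blob matches the declared one."""
    algo, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != algo.encode():
        raise ValueError("declared key type does not match key blob")
    return blob

def sha256_fingerprint(pubkey_line: str) -> str:
    """Fingerprint in the form OpenSSH prints: 'SHA256:' + unpadded base64."""
    digest = hashlib.sha256(key_blob(pubkey_line)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def accept_new_host_key(offered_line: str, published_fp: str) -> bool:
    """Accept the replacement key only if it matches the out-of-band value."""
    offered = sha256_fingerprint(offered_line)
    return hmac.compare_digest(offered.encode(), published_fp.strip().encode())

def sample_line(fill: int) -> str:
    """Constructed sample key (not a real host key): 32 fixed bytes in
    ssh-ed25519 framing."""
    blob = wire_string(b"ssh-ed25519") + wire_string(bytes([fill]) * 32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed"

ADMIN_KEY = sample_line(0x11)   # key generated on the rebuilt server
OTHER_KEY = sample_line(0x22)   # a different key answering on the same name
PUBLISHED = sha256_fingerprint(ADMIN_KEY)  # stands in for the announced value

if __name__ == "__main__":
    for name, line in (("admin key", ADMIN_KEY), ("other key", OTHER_KEY)):
        ok = accept_new_host_key(line, PUBLISHED)
        print(name, "->", "update known_hosts" if ok else "refuse to connect")
```
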


