John Leo dijo [Mon, Sep 22, 2014 at 03:51:57PM +0800]: > Monkeysphere > (advice from maxigas) > "verify your SSH key through the OpenPGP web of trust" > Strength: OpenPGP is cool if you REALLY know how to use it. > Weakness: "vote counting scheme" does not sound too cool. The "vote counting" goes against knowing whether the signing key is valid or not. When you are asserting the identity of a site you control, or a site you trust, this would only become a *second* chain of trust, if I understand you right. And, of course, the signer *should* be the same as the site operator! > "use of an organization's own HTTPS site" > (advice from Stephanie Daugherty) > In my personal opinion, this is the best solution. > Weakness: basically nothing - it's very secure. A PKI is just the same as the vote counting you mention for OpenPGP, but with money involved and a single point of failure. That is, having the key in a HTTPS site will just mean the organization paid the PKI cartel for a certificate strong enough for a given purpose, not that it is the legitimate organization. > "use DNSSEC to validate SSH fingerprints" > (advice from Micha Borrmann / Jeroen van der Ham / john) > This is a good solution. > Weakness: HTTPS is more mature than DNSSEC(in my personal opinion). The three above are +- the same — different out-of-band channels to establish a given message (the key fingerprint) is genuine. > "ssh-keyscan -p 22 domain.com ..." > (advice from Busindre) > It's the same as running "ssh" directly. Right. We wil also do it implicitly every time we connect to said host, unless our ssh client is *very* badly configured. > Check SSH(https://checkssh.com/) > (we made it) > Strength: this definitely stops ALL local bad boys. > Weakness: > While it's open source(and source code is less than 100 lines)... > We simply won't give you root password of the server(you don't own the server). > If adversary is EXTREMELY powerful: > It's better to set up your own Check SSH. Humh, still... the heart of your site is: shell_exec("ssh-keyscan -p ".$p." ".$h." > ".$f); $r=shell_exec("ssh-keygen -l -f ".$f." 2>&1"); So, what difference would that make WRT running ssh-keyscan from a host we currently trust already?
Description: Digital signature