[python-committers] Weak SSH keys
Jesus Cea
jcea at jcea.es
Wed Jun 3 19:21:04 CEST 2015
On 03/06/15 16:59, Benjamin Peterson wrote:
> That's just how the SSH auth protocol works. The client offers keys
> until the server finds one acceptable. I'm not sure how the order is
> determined; it's probably arbitrary for OpenSSH.
The server will accept the first key it can find a public key
correspondence in its configuration.
The key order the client offers is irrelevant if the server only knows
about a concrete public key . That key will be accepted and all the
other offers will be rejected.
--
Jesús Cea Avión _/_/ _/_/_/ _/_/_/
jcea at jcea.es - http://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/
Twitter: @jcea _/_/ _/_/ _/_/_/_/_/
jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-committers/attachments/20150603/c8777da2/attachment.sig>
More information about the python-committers
mailing list