Comment Re:End-to-end encryption (Score 3, Informative) 152
And how many ssh users actually check the key fingerprints and verify they match those stored on the remote host? Is that even possible in most circumstances?
Hello, have you ever used ssh? As in, at all? It raises a holy hell if the keys have been tampered with.
$ ssh hostname.tld
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
The RSA host key for hostname.tld has changed,
and the key for the corresponding IP address xxxxxxxxxxxxxxxxxx
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.
Please contact your system administrator.
Add correct host key in
Offending RSA key in
RSA host key for hostname.tld has changed and you have requested strict checking.
Host key verification failed.