Integrity protection of fetches

Mike McGrath mmcgrath at redhat.com
Fri Aug 6 09:34:19 UTC 2010


On Fri, 6 Aug 2010, Mike McGrath wrote:

> On Fri, 6 Aug 2010, Till Maas wrote:
>
> > On Thu, Aug 05, 2010 at 04:32:36PM -0500, Mike McGrath wrote:
> > > On Thu, 5 Aug 2010, Till Maas wrote:
> >
> > > > Yes ssh is secure if used properly. To get the proper known_hosts entry,
> > > > one has to download https://admin.fedoraproject.org/ssh_known_hosts btw.
> > > >
> > >
> > > We also use SSHFP records for those of you that want to enable
> > > VerifyHostKeyDNS yes in their ~/.ssh/config files.  Not all of our hosts
> > > have it but many of our 'user' based external hosts do (pkgs,
> > > fedorapeople, fedorahosted, etc)
> >
> > Afaik the SSHFP records are not protected against tampering by an MITM
> > attacker.
> >
>
> They're better then ssh alone.  They're only used for the first initation.
> So you'd have to be MITM'ed on the first connection in which case you're
> right, they wouldn't protect against that.
>

Side note on this: Combined with DNSSEC, this actually would protect
against a MITM attacker.

	-Mike


More information about the devel mailing list