Do you think this is a security risk and if not is it a bad UI decision?

Nico Kadel-Garcia nkadel at gmail.com
Tue May 7 01:23:19 UTC 2013


On Mon, May 6, 2013 at 9:37 AM, Eric H. Christensen
<sparks at fedoraproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On Mon, May 06, 2013 at 08:27:14AM -0500, Josh Bressers wrote:
>> A checkbox is probably the right way to handle this. While yes it's
>> slightly more work, it does two very important things. It puts the
>> user in control, and it is secure by default.
>
> Secure by default is definitely where we need to be at all times.  Now if we could just get SSH to be secure by default...

That's a separate issue. But it's not gonna happen. I've raised some
of the more obvious flaws on the developer's list, flaws that existed
back before OpenSSH even existed such as lack of hostkey expiration,
user key expiration, lack of tools to delete specific host keys from
.ssh/known_hosts, lack of tools to manage authorized_keys, and the
continuing support for the default use of unencrypted private keys.

The attitude from the core OpenBSD development community was "if you
don't trust the machine you're on, you shouldn't be using it", and
Theo de Raadt calling me four letter words.
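Two of the items in the message above, pruning a specific host from `~/.ssh/known_hosts` and spotting private keys stored without a passphrase, can be audited from the file formats alone. The following is an added example, not code from the post or from the OpenSSH project: it parses known_hosts entries (plain patterns, `[host]:port` forms, and hashed `|1|salt|hmac` entries, which OpenSSH writes with `HashKnownHosts yes` as HMAC-SHA1 over the hostname) to find and drop the lines for one host, and reads the header of a private key file to tell whether it is encrypted. All sample data, key material and the `constructed_openssh_key` helper are constructed for illustration and are not real keys.

```python
import base64
import fnmatch
import hashlib
import hmac
import struct

# --- known_hosts handling -------------------------------------------------

def hashed_entry_name(host: str, salt: bytes) -> str:
    """Build the '|1|<salt>|<hmac>' name field OpenSSH uses for hashed hosts."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())

def host_matches(name_field: str, host: str) -> bool:
    """True if a known_hosts name field (hashed or pattern list) covers host."""
    if name_field.startswith("|1|"):
        parts = name_field.split("|")
        if len(parts) != 4:
            return False          # malformed hashed entry: never matches
        salt = base64.b64decode(parts[2])
        expected = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, base64.b64decode(parts[3]))
    for pattern in name_field.split(","):
        if pattern.startswith("!"):
            continue              # negated patterns are not handled here
        if pattern == host:
            return True
        # Only treat as a glob when it has wildcards; '[host]:port' entries
        # contain brackets that fnmatch would otherwise read as a char class.
        if any(c in pattern for c in "*?") and fnmatch.fnmatchcase(host, pattern):
            return True
    return False

def remove_host(lines, host):
    """Split known_hosts lines into (kept, removed) for the given host."""
    kept, removed = [], []
    for line in lines:
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            kept.append(line)
            continue
        fields = stripped.split()
        # '@cert-authority' / '@revoked' markers shift the name field right
        name_field = fields[1] if fields[0].startswith("@") else fields[0]
        (removed if host_matches(name_field, host) else kept).append(line)
    return kept, removed

# Constructed sample known_hosts (key blobs are placeholders, not real keys)
SALT = bytes(range(20))
SAMPLE_KNOWN_HOSTS = [
    "# constructed sample known_hosts",
    "bastion.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructed1",
    hashed_entry_name("bastion.example.com", SALT) + " ssh-rsa AAAAB3Constructed2",
    "[git.example.com]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructed3",
    "@cert-authority *.corp.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5ConstrCA",
]

# --- private key encryption check ----------------------------------------

def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

def constructed_openssh_key(cipher: str) -> str:
    """Minimal stand-in for the 'openssh-key-v1' container (constructed, not
    a usable key): magic, cipher name, kdf name, kdf options, key count. A
    real file continues with the public and private key blobs."""
    body = (b"openssh-key-v1\x00" + _ssh_string(cipher.encode())
            + _ssh_string(b"none" if cipher == "none" else b"bcrypt")
            + _ssh_string(b"") + struct.pack(">I", 1))
    b64 = base64.b64encode(body).decode()
    wrapped = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + wrapped
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

# Constructed legacy PEM header; the body is not a real key
LEGACY_ENCRYPTED_PEM = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,0123456789ABCDEF0123456789ABCDEF

Y29uc3RydWN0ZWQgc2FtcGxlLCBub3QgYSBrZXk=
-----END RSA PRIVATE KEY-----
"""

def private_key_is_encrypted(pem_text: str) -> bool:
    """Return True if the key file is passphrase-protected.

    New-format keys carry the cipher name right after the magic; 'none' means
    the private section is stored in the clear. Legacy PEM keys signal
    encryption with a 'Proc-Type: 4,ENCRYPTED' header."""
    lines = pem_text.strip().splitlines()
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        body = base64.b64decode("".join(lines[1:-1]))
        magic = b"openssh-key-v1\x00"
        if not body.startswith(magic):
            raise ValueError("not an openssh-key-v1 container")
        off = len(magic)
        (length,) = struct.unpack(">I", body[off:off + 4])
        cipher = body[off + 4:off + 4 + length].decode()
        return cipher != "none"
    return any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:])

if __name__ == "__main__":
    kept, removed = remove_host(SAMPLE_KNOWN_HOSTS, "bastion.example.com")
    print("removed %d entr(y/ies) for bastion.example.com" % len(removed))
    for name, text in [("unencrypted", constructed_openssh_key("none")),
                       ("aes256-ctr", constructed_openssh_key("aes256-ctr")),
                       ("legacy PEM", LEGACY_ENCRYPTED_PEM)]:
        print(name, "encrypted:", private_key_is_encrypted(text))
```

Both the plain and the hashed line for the host are removed while the `[git.example.com]:2222` and `@cert-authority` lines survive; `ssh-keygen -R hostname` performs the same removal in OpenSSH, and the parser above lets you audit what such a removal would touch before editing the file. The encryption check is a quick way to sweep a fleet's home directories for keys stored in the clear.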

