From owner-freebsd-questions@FreeBSD.ORG Wed Mar 10 12:14:19 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A65B1065670 for ; Wed, 10 Mar 2010 12:14:19 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es [85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id D250C8FC1F for ; Wed, 10 Mar 2010 12:14:18 +0000 (UTC) Received: from [10.66.236.37] (unknown [82.113.106.222]) by mail.locolomo.org (Postfix) with ESMTPSA id 92AF01C0871; Wed, 10 Mar 2010 13:14:16 +0100 (CET) References: <532b03711003071325j9ab3c98u703b31abdc7ea8fe@mail.gmail.com> <4b960747.T7FO5AkwXJGAGApg%perryh@pluto.rain.com> <201003090848.o298mBSN079005@banyan.cs.ait.ac.th> <4b97392c.O1yEWWCVzta4T7fL%perryh@pluto.rain.com> <201003101059.o2AAxfns092895@banyan.cs.ait.ac.th> Message-Id: <4BE3E3C6-EE41-426A-AD03-6DF9BDE50DC8@locolomo.org> From: =?utf-8?Q?Erik_N=C3=B8rgaard?= To: Olivier Nicole In-Reply-To: <201003101059.o2AAxfns092895@banyan.cs.ait.ac.th> Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Mailer: iPhone Mail (7E18) Mime-Version: 1.0 (iPhone Mail 7E18) Date: Wed, 10 Mar 2010 13:14:19 +0100 Cc: "perryh@pluto.rain.com" , "freebsd-questions@freebsd.org" Subject: Re: [OT] ssh security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Mar 2010 12:14:19 -0000 On Mar 10, 2010, at 11:59, Olivier Nicole wrote: > Now Diffie-Hellman may help providing the trust for the fingerprint. > No it won't. Trust goes either via a trusted third party as in PKI or the pgp chain of trust or via direct verification. In the latter case if you cannot establish trust, call up the owner to verify his key. BR erik