On Tue 11 Feb 2014 at 06:52:10 -0700, Paul E Condon wrote: > I'm puzzled about the apparent 'security theater' on this topic. > Known host checking is done, I think, to defend against 'man in the > middle', so when the known host key changes because of some event down > in the bowels of dynamic dns, does one have any possibility of > determining that it is truly *not* a man-in-the-middle attack? Is there > some method for checking up on dynamic dns changes other than merely > noting the new value and adapting to it?
The IP address of the machine may change but its fingerprint doesn't. So you check that. Some people use 'VisualHostKey yes' as a memory aid. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/12022014130038.4f3b3bd04...@desktop.copernicus.demon.co.uk
