On 2014-08-28 16:05, Sytse Sijbrandij wrote: > Hi Marcin, > > Sorry, I get you point now. Fixed with
In fact my question could be not precise enough. > https://gitlab.com/gitlab-com/www-gitlab-com/commit/775145ea05685874dc3bdeec1cf5f03f4ec25b5e Great, thanks Sytse! Marcin > On Thu, Aug 28, 2014 at 3:19 PM, Marcin Zajączkowski <[email protected]> wrote: >> On 2014-08-28 15:08, Sytse Sijbrandij wrote: >>> This is normal for all new servers you connect to with ssh. >> >> Sytse, I know that. In my email I complaint that there is no information >> about the real/valid/expected fingerprint in the hosted GitLab >> webpage/documentation which I could use to verify that SSH (in the first >> try) tries to connect to the real server (not fake server used in the >> man-in-the-middle attack). >> >> Sure, the chance is negligible, but for paranoids it would be very useful. >> >> Marcin >> >> >> >> >>> On Mon, Aug 18, 2014 at 3:40 PM, Marcin Zajączkowski <[email protected]> wrote: >>>> Hi, >>>> >>>> When repository on gitlab.com is used first time on a given computer SSH >>>> asks about a confirmation of ECDSA (or RSA) fingerprint to prevent a >>>> man-in-the-middle attack. I wasn't able to find that information in GitLab >>>> documentation. Is it available somewhere? >>>> >>>> If not I think it would be useful to place it somewhere in the >>>> documentation >>>> or in the "SSH keys" section in the user profile. >>>> >>>> Marcin -- http://blog.solidsoft.info/ - Working code is not enough -- You received this message because you are subscribed to the Google Groups "GitLab" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/gitlabhq/53FF7D19.2000206%40wp.pl. For more options, visit https://groups.google.com/d/optout.
