On Sun, Aug 8, 2010 at 14:04, Matt McCutchen <matt@xxxxxxxxxxxxxxxxx> wrote: > On Thu, 2010-08-05 at 22:23 +0200, Till Maas wrote: >> Yes ssh is secure if used properly. To get the proper known_hosts entry, >> one has to download https://admin.fedoraproject.org/ssh_known_hosts btw. > > I'm very glad to see that Fedora provides such a list. I just installed > it on my computer (after filtering out hostnames not ending with > fedoraproject.org, for obvious reasons). > > Is it documented anywhere? For full security, every packager should > install it rather than allowing ssh to add host keys on first use. Well I am not sure that file would be all that useful as it contains lots of hosts a packager would not get to AND could conflict with other networks as it contains a lot of 10.X.X. and 192.X.X. ips. It also gets updated from time to time as we rebuild hosts. > -- > Matt > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > -- Stephen J Smoogen. “The core skill of innovators is error recovery, not failure avoidance.” Randy Nelson, President of Pixar University. "We have a strategic plan. It's called doing things."" — Herb Kelleher, founder Southwest Airlines _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
