Blumenthal, Uri - 0553 - MITLL wrote:

> > > Uri (earlier in this thread) does answer this question clearly (that
> > > the principal should be the hostname only), and, now that I've found
> > > PROTOCOL.certkeys, this seems to be spelt out unambiguously there too:
> >
> > In turn this means: One cannot expect several SSH services on a single host to be
> > securely distinguishable from each other by their particular service key. So if one of
> > the SSH services gets compromised all SSH services on this host are subject to MITM
> > attacks with the private key of the compromised service.
>
> Yes and no. The standards wisely do not allow port numbers as a part of the DNS
> identity.

Ok, then one must access the different services by different FQDN.

> I still think it’s not a very good idea to “securely distinguish several SSH services
> running on a single host”, but it seems entirely doable if you’re bent on it.

I'm curious: What's wrong with having a different SFTP-only service running on a different port besides the SSH server for admin shell access?

Ciao, Michael.
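An added example (not part of the thread, not OpenSSH project configuration) of the "different FQDN" arrangement discussed above: a second, SFTP-only sshd instance with its own host key, whose certificate principal and client-side name are per-service, so a compromise of one key does not let an attacker impersonate the other service. All hostnames, paths, ports and CA names are constructed placeholders.

```conf
# --- /etc/ssh/sshd_config : admin shell service on port 22 ---
Port 22
HostKey /etc/ssh/ssh_host_ed25519_key
# Certificate signed for the admin-facing name only, e.g.
#   ssh-keygen -s host_ca -I admin-host -h -n admin.example.test \
#       /etc/ssh/ssh_host_ed25519_key.pub
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub

# --- /etc/ssh/sshd_sftp_config : SFTP-only service on port 2222 ---
# Run as a separate instance: sshd -f /etc/ssh/sshd_sftp_config
Port 2222
HostKey /etc/ssh/sftp/ssh_host_ed25519_key
# Separate certificate, principal is the SFTP-facing name only, e.g.
#   ssh-keygen -s host_ca -I sftp-host -h -n sftp.example.test \
#       /etc/ssh/sftp/ssh_host_ed25519_key.pub
HostCertificate /etc/ssh/sftp/ssh_host_ed25519_key-cert.pub
# No shell on this instance: every session is forced into internal-sftp
Match All
    ForceCommand internal-sftp
    ChrootDirectory /srv/sftp/%u
    AllowTcpForwarding no
    X11Forwarding no
    PermitTTY no

# --- client ~/.ssh/config ---
# admin.example.test and sftp.example.test are two DNS names for the same
# host; the certificate principal check is against the name the user connects
# to, so each service is verified under its own name and its own key.
Host admin.example.test
    Port 22
Host sftp.example.test
    Port 2222

# --- client ~/.ssh/known_hosts : trust the host CA for both names ---
@cert-authority *.example.test ssh-ed25519 AAAA...CA-PUBLIC-KEY-PLACEHOLDER...
```

Because the principal in each host certificate names a single service FQDN, a certificate (or key) stolen from the SFTP instance does not validate for admin.example.test, which is the separation the thread is asking about.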
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev