Hacker News new | past | comments | ask | show | jobs | submit login

You're missing the point: SSH does not provide a host key rotation/revocation mechanism. TLS does.



It does provide host key rotation in OpenSSH 6.8+: http://blog.djm.net.au/2015/02/key-rotation-in-openssh-68.ht...


This technique assumes the operator is OK with taking a few weeks for all users to register the new host key. In the event of a leak, revocation of the leaked key must be immediate. That's why we have CRLs (and OneCRL) and OCSP.


You can use cert signed keys with ssh.


You said that you are afraid of loosing users after a leak, which implies if you don't have to, you won't tell your users about the incident.


No. I said that changing the key, which must happen, will trigger a warning that will scare users away. Which is (partly) why no one uses SSH with non technical populations.


No, its that the fix is client side and painful. They can tell their users to fix it and they would rather leave than do it.


I thought users would be prompted to accept a new fingerprint. Am I missing something?


If by "prompted" you mean:

@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ IT IS POSSIBLE THAT SOMONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now!

Then, yes, users will be prompted in the scariest possible language.

Compare this with HTTPS/browsers, which care not a lick if a certificate/fingerprint is different, provided that the certificate is valid and the chain is trusted.


Which --coincidentally-- is exactly the problem with it.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: