Subject: Re: X11 forwarding not working with in-tree sshd
To: None <firstname.lastname@example.org>
From: Wolfgang Rupprecht <email@example.com>
Date: 10/05/2000 10:11:55
> > A key database where you could share ssh host keys with ipsec would
> > be good too.
> The professional paranoid in me worries that reusing the same key for
> both purposes might have unexpected consequences..
I figured I must have misunderstood because I don't see why one would
want to share a single per-host key between different algorithms
Let's say SSH puts its public key for host X into /etc/big-file-o-keys.
Now if ipsec were to use that same host key for DES it would be using
what for all purposes was a disclosed key. Not good.
Wolfgang Rupprecht <firstname.lastname@example.org>
Coming soon: GPS mapping tools for Open Systems. http://www.gnomad-mapping.com/