Subject: securing CVS access
To: None <>
From: Steve Bellovin <>
List: netbsd-users
Date: 12/09/2001 13:12:14
I was doing a 'CVS update' from the IETF LAN, when I got rather nervous 
-- there have been active attacks on the wireless LAN there in the 
past.  I switched my CVS access to use ssh, but I ran into another 
issue:  I have no way of knowing that I got to the right place, because 
I don't know what the key fingerprints should be.  It would be nice if 
the repositories would publish the fingerprints for all of their SSH 
public keys.

		--Steve Bellovin,
		Full text of "Firewalls" book now at