Shipping SSL enabled devices
Posted Jan 7, 2011 17:21 UTC (Fri) by giraffedata
In reply to: Shipping SSL enabled devices
Parent article: Default "secrets"
Warning: Permanently added the RSA host key for IP address '192.168.3.203' to the list of known hosts.
I see no alert. I do see a warning that a key has been cached against a new IP address,
You don't mean cached. The list of known hosts is not a cache. A cache is a local copy you keep to accelerate future lookups; the list of known hosts has an entirely different purpose.
It's interesting to see the detail that you can switch back to a previously seen IP address and SSH won't issue a scary message, but I'm not sure that affects any of this discussion, because the scary message on the original change is enough to trigger all the concerns.
SSH is wrong to do this, by the way. The whole point of SSL is that you don't trust the IP network routing, so you authenticate an identity that is independent of that. And the whole point of DNS is that you can move a server to another IP address (as you often must to change its physical location) and users don't see a change in identity.
And even if SSH is concerned the public key encryption could be broken and wants to offer the additional security of telling you the name resolution changed, it shouldn't associate the IP address with the key, but rather with the FQDN, resulting in the message, "Warning: adding IP address 192.168.3.203 to the list of IP locations for foo".
to post comments)