NLnet on Nostr: With the project: 'Improving OpenSSH's Authentication and PKI', Wiktor Kwapisiewicz ...
With the project: 'Improving OpenSSH's Authentication and PKI', Wiktor Kwapisiewicz (npub1stn…3829) Kwapisiewicz, David Runge & Doron Behar address the issue of initial trust in SSH.
Most SSH users default to the “Trust On First Use” model, which leaves the 1st connection vulnerable to Man in the Middle attacks.
Solving this problem securely but frictionlessly requires a Public Key Infrastructure. The project uses the OpenPGP PKI to authenticate the remote host.
Interview: https://nlnet.nl/project/OpenPGP-OpenSSH/interview.html
#FOSS #NGI0 #NGI
Most SSH users default to the “Trust On First Use” model, which leaves the 1st connection vulnerable to Man in the Middle attacks.
Solving this problem securely but frictionlessly requires a Public Key Infrastructure. The project uses the OpenPGP PKI to authenticate the remote host.
Interview: https://nlnet.nl/project/OpenPGP-OpenSSH/interview.html
#FOSS #NGI0 #NGI