ARP-spoofing defense

Michael L Torrie torriem at
Wed Mar 14 14:45:50 MDT 2007

On Wed, 2007-03-14 at 14:12 -0600, Topher Fischer wrote:
> Well, this makes me wonder.  Is there a standard way to configure ssh to
> use certificates, and for clients to maintain a list of trusted CAs and
> trusted certificates?

Well the theory of SSL certificates is that if you trust the root cert,
you trust the child certs.  It's a flawed theory, obviously.  Anyway, it
doesn't apply to ssh because ssh doesn't have a trust model.  You either
trust a key or you don't.  It's not like ssl where I trust your cert
because it's signed by someone else whom I trust.


> /*
> PLUG:, #utah on
> Unsubscribe:
> Don't fear the penguin.
> */

More information about the PLUG mailing list