[python-committers] SSH fingerprint
Eric V. Smith
eric at trueblade.com
Tue Mar 26 13:56:43 CET 2013
More information about the python-committers mailing list
Tue Mar 26 13:56:43 CET 2013
- Previous message: [python-committers] SSH fingerprint
- Next message: [python-committers] SSH fingerprint
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 3/26/2013 8:39 AM, Roger Serwy wrote: > >> Well if a MITM attacker tries to use your ssh access to do anything >> nasty, >> another developer will probably notice quite quickly. >> (the only "nasty thing" the ssh access allows you to do is "hg push", >> IIRC; still, that can trigger code execution on the buildbots) >> >> > Sure, but it would be better to actually have the fingerprints to avoid > the MITM attack altogether. I completely agree. "We'll notice the damage" is not a great reason to avoid publishing the fingerprints. > Can someone log into hg.python.org and get the public keys for the server? Not me. But from my hosts, I get: RSA key fingerprint is ec:98:fe:7b:e1:0f:88:c5:93:37:83:64:a4:cc:aa:01. -- Eric.
- Previous message: [python-committers] SSH fingerprint
- Next message: [python-committers] SSH fingerprint
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the python-committers mailing list