HomeTechmonkeysphere project to add PKI to all the services
monkeysphere project to add PKI to all the services
looks pretty cool. This project claims to want to apply the PKI web-of-trust to different services like web browsing and SSH. By querying the public keys stored on key servers, you wouldn’t need to guess that the remote site was providing their actual key the first time you connect, like you normally would when connecting to a new server or from a new client via SSH. You know what I’m talking about:
The authenticity of host'foo.bar.baz'can'tbe established.
Are you sure you want tocontinueconnecting(yes/no)?
Yeah, that’s what I’m talking about. There’s no guarantee that the host you’re connecting to is the one you think it is unless you already know what the fingerprint is or you’re already using some other method for key exchange. The nice thing about this project is that they claim that there are absolutely no modifications needed to SSH to get this to work.