
Re: [LUG] SSH key management

On 15 Aug, 2013, at 6:20 pm, Simon Waters wrote:

> Curious how folk manage this.
>
> Most of the time life has been simple enough that I can manage it by the "Simon knows if the server was just reinstalled because Simon just reinstalled it" approach.
>
> It relies on fallible humans, and it doesn't scale, and frankly wasn't THAT secure, but then it didn't have to be.
>
> I know they can go in the DNS (although the DNS then ought to be cryptographically secured (probably not a problem - GoDaddy do it for a few dollars a month, but not sure I'd want to use them for work stuff, but solutions exist here which are cheap and easy to do)). No sniggering about .GOV at the back.
>
> But what is the preferred method for the more paranoid amongst you?
>
> My primary goal is to make a "new key" message, or a "mismatching key" message, rare enough that people will have time to stop and think when they see one, rather than just adding it, or removing a stale entry (you all know what I mean, even if you don't do it).
>
> It isn't a high priority - so solutions have to be lightweight and not demand much of the users of ssh (hence the DNS being interesting).

This probably won't scale:

1. I run each server listening on a non-default port

2. I run a suite of tests, implemented as shell scripts, on each host both at regular intervals and when certain events occur, including after boot-up.

3. One of my tests is for sshd to be listening on the host's designated port; if this test fails, then it usually means that I've upgraded/reinstalled and forgotten to merge/restore sshd_conf from its (encrypted and versioned) backup.

HTH

--
Phil Hudson                  http://hudson-it.no-ip.biz
@UWascalWabbit                 PGP/GnuPG ID: 0x887DCA63
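The "in the DNS" option Simon mentions is the SSHFP record. The following is an added example, not code from either post, showing what such a record contains and how a client compares an offered host key against it; the key line is a constructed stand-in for a real ssh_host_*_key.pub or ssh-keyscan line. In practice `ssh-keygen -r hostname` emits these records and the ssh client only honours them with `VerifyHostKeyDNS yes` and a DNSSEC-validated answer.

```python
import base64
import hashlib
import struct
# SSHFP algorithm number (RFC 4255/6594/7479) for each OpenSSH key type.
SSHFP_ALGORITHM = {
    "ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3, "ecdsa-sha2-nistp521": 3, "ssh-ed25519": 4,
}
# SSHFP fingerprint type -> hashlib name; the digest is taken over the decoded key blob.
SSHFP_HASH = {1: "sha1", 2: "sha256"}

def parse_pubkey_line(line):
    """Split a 'type base64 [comment]' line (ssh_host_*_key.pub or ssh-keyscan output)."""
    parts = line.split()
    if len(parts) < 2 or parts[0] not in SSHFP_ALGORITHM:
        raise ValueError("not a supported OpenSSH public key line")
    blob = base64.b64decode(parts[1])
    (tlen,) = struct.unpack(">I", blob[:4])  # blob starts with a length-prefixed type string
    if blob[4:4 + tlen] != parts[0].encode():
        raise ValueError("key type inside blob does not match declared type")
    return parts[0], blob

def sshfp_records(line):
    """What the zone should publish: (algorithm, fptype, hex digest) for one host key."""
    keytype, blob = parse_pubkey_line(line)
    alg = SSHFP_ALGORITHM[keytype]
    return [(alg, fptype, hashlib.new(hname, blob).hexdigest())
            for fptype, hname in SSHFP_HASH.items()]

def zone_lines(hostname, line):
    """The same records as zone-file RRs, the form `ssh-keygen -r hostname` prints."""
    return [f"{hostname}. IN SSHFP {alg} {fptype} {hexd}"
            for alg, fptype, hexd in sshfp_records(line)]

def key_matches_dns(line, records):
    """Client-side check: does the offered key's digest appear in the SSHFP set?
    The answer is only as trustworthy as the DNS it came from (DNSSEC-validated)."""
    keytype, blob = parse_pubkey_line(line)
    alg = SSHFP_ALGORITHM[keytype]
    return any(r_alg == alg and r_fptype in SSHFP_HASH
               and hashlib.new(SSHFP_HASH[r_fptype], blob).hexdigest() == r_hex.lower()
               for r_alg, r_fptype, r_hex in records)

def constructed_key_line(pub_bytes, comment="constructed@example"):
    """Constructed sample only: wrap arbitrary bytes in the ssh-ed25519 wire format."""
    kt = b"ssh-ed25519"
    blob = struct.pack(">I", len(kt)) + kt + struct.pack(">I", len(pub_bytes)) + pub_bytes
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

SAMPLE_KEY_LINE = constructed_key_line(bytes(range(32)))  # stand-in for a real host key
```

Without DNSSEC validation on the resolver, ssh reports the DNS match as unverified and still prompts, so publishing the records without signing the zone does not remove the "new key" prompt.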


--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq