If it is decided to use a ssl secured web page in an organization to verify ssh public keys, should both the fingerprints (ssh-keygen -l -f *.pub) and the contents of the three .pub files (cat /etc/ssh/*.pub) in the /etc/ssh/*.pub directory be included on the page. Or will most users just need to look at the fingerprint.
Great article!
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1806/58#58