[X2Go-Dev] Feature Request: update ssh public key fingerprint from within x2goclient
newsgroups.mail2 at stefanbaur.de
newsgroups.mail2 at stefanbaur.de
Fri Feb 17 14:41:18 CET 2012
Hi list,
after swapping a server and trying to connect to it with X2Go,
x2goclient greets me with
---------------------------
Authentification failed
---------------------------
Host key for server changed.
It is now: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
For security reasons, connection will be stopped
---------------------------
OK
---------------------------
In the same situation, the NX client would ask if the key should be updated.
I can see that offering such a direct option is a good idea from a
usability viewpoint, but a bad one from a security viewpoint, as users
tend to click yes/allow on every popup they see.
The current approach of x2goclient is the total opposite.
A moderately experienced Linux user might figure out that ssh-keygen -R
<hostip> will help, but to a Windows user, this will be an unsolvable
mystery.
I would like to suggest adding an option to remove/update the key from
within the X2Go-Client. However, to avoid "user click-through", it
should be somewhere in the menu, and the popup message should be amended
with a note pointing to that menu.
-Stefan
More information about the x2go-dev
mailing list