clearly specify that its about the default ssh config

This commit is contained in:
forest 2021-01-31 02:16:13 -06:00
parent 9222daefbc
commit 7568699920

View File

@ -318,8 +318,8 @@ Host key verification failed.
<p>
Because of the case for absolute simplicity, I think if anything,
it might even make sense to remove the TOFU and make the ssh client even less user friendly; requiring the
expected host key to be passed in on every command would dramatically increase the security of real-world SSH usage.
This might already be possible with a custom SSH client configuration.
expected host key to be passed in on every command by default
would dramatically increase the security of real-world SSH usage.
In order to make it more human-friendly again while keeping the security benefits,
we can create a new layer of abstraction on top of SSH, create regime-specific automation & wrapper scripts.
</p>