this post was submitted on 09 Nov 2023
192 points (99.0% liked)

Privacy

31872 readers
620 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] ToxicWaste@lemm.ee 1 points 1 year ago (1 children)

I hope for you, that you don't SSH into any random machine and just import their cert.

Usually you know the machines you are trying to connect to. That gives you the ability to add their cert to your trusted hosts before connecting the first time. So for browsing the WWW this makes not much sense, since you connect to way too many unknown hosts. It would create a 'red is green' mentality where users just import any unknown cert.

The only similarity i see, which makes sense, would be e-banking and such. The bank could send you their certificate with the login credentials by post.

[–] PowerCrazy@lemmy.ml -4 points 1 year ago (1 children)

Why? There is absolutely zero risk in SSHing into "random" machines especially since I'm using public ssh-keys. Of course the first time I connect to a machine it's going to be untrusted, but who cares? I'm using SSH to ensure others can't sniff my traffic.

[–] ToxicWaste@lemm.ee 1 points 1 year ago (1 children)

If i want to sniff your traffic, ill set up another machine as MITM attack.

I guess as long as you stay inside a secure company network, it wouldn't be that bad. But if you go through the WWW, my advice is to manually add trusted hosts.