True *unless* the server is not on the public internet. In that case, pulling th... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

alextgordon on Dec 31, 2015 | parent | context | favorite | on: Non-Unique SSH Host Keys Ed25519 on Hetzner

True unless the server is not on the public internet. In that case, pulling the plug if port 22 is accessed would be a reasonably defensible idea (you are being attacked for sure, and it's hard to attack a machine that is off) ...albeit paranoid in the extreme.

sarciszewski on Dec 31, 2015 [–]

Okay well, a probably more realistic solution would be "peek at the host keys from the hypervisor" anyway. :)

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact