anode Posted November 15, 2018 Share Posted November 15, 2018 I'm probably going to do a bad job asking this but..... Can one configure sshd to only connect with clients that already have the key in known_hosts? ie: Not offer the server's public key to the client on first connection. So if the client doesn't have the server's public key, its just gets a connection refused. This would be linux; raspbian or kali on a Pi. (server) Quote Link to comment Share on other sites More sharing options...
NoExecute Posted November 17, 2018 Share Posted November 17, 2018 Sorry for posing a stupid question... but why ? You can setup the client, to not connect if server is not in known_hosts, but as far as I see it, SSH wont function properly without sending servers public key. I'm not sure, but I really can't see the point in it either ;) If it' a matter of security, set key auth only, and disable ordinary password login. throw some fail2ban in front of it, and you should be fairly safe :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.