There was a recent post on the Shodan blog showing that certain SSH fingerprints are common across thousands of devices.
For example, this fingerprint is common across over 250,000 devices worldwide:
dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0
And this fingerprint is common across over 11,000 devices across the UK:
7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf
This obviously presents issues in authenticating which device you are connecting to over SSH, but what other real-world implications are there in having a common fingerprint (and hence, common public key) across so many devices?
Aucun commentaire:
Enregistrer un commentaire