How Uber, Facebook, and Netflix Do SSH

TL;DR A study shows there is a cybersecurity attack every 39 seconds. In a typical SSH protocol: the server trusts the client if the client’s public key is listed as authorized, and the client trusts the server’s public key on first use (TOFU). The trust on first use (TOFU) approach delegates the trust to the clients and leave them vulnerable to man-in-the-middle attacks. One solution to fix this is using SSH certificates and SSH certificate authorities (CA)....

Aug 8, 2019 · 1 min · Milad Irannejad