SXX 4 days ago

One question for you or anyone who tried it. SSH host (mac) key pre disk unlock is randomly generated and persistent?

lxgr 4 days ago | parent [-]

I'd be surprised if it were a different key from the regular host key.

Most SSH clients I know show a big and often non-overridable warning in case of a changed host key and don't allow (at least not TOFU-style) trusting two keys.

SXX 4 days ago | parent [-]

> Most SSH clients I know show a big and often non-overridable warning in case of a changed host key and don't allow (at least not TOFU-style) trusting two keys.

You can solve this with HostKeyAlias, but yeah I doubt Apple would do this. Considering other comments mentioning "just SSHing after reboot" it's certainly the same host key.

https://stackoverflow.com/questions/733753/how-to-handle-ssh-host-key-verification-with-2-different-hosts-on-the-same-but

PS: Another option is obviously UserKnownHostsFile, but I would rather keep a single known hosts file.

lxgr 4 days ago | parent [-]

Wow, TIL about HostKeyAlias and CheckHostIP. Especially the latter sounds super useful when it comes to frequently changing private IPs. Thank you!
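
An added example, not part of the thread: an `~/.ssh/config` sketch of the HostKeyAlias approach for the hypothetical case where one address presents two different host keys. The host names `mac-locked` and `mac-unlocked`, the alias strings and the address `192.0.2.10` are assumptions made up for illustration.

```sshconfig
# Added example (not from the thread). Names and address are constructed.
# Both entries reach the same address, but each one looks up and stores its
# host key in known_hosts under its own alias instead of under the address,
# so two distinct keys can be pinned without a changed-host-key warning.

Host mac-locked
    HostName 192.0.2.10
    # known_hosts entry is keyed by this alias, not by 192.0.2.10
    HostKeyAlias mac-locked.example
    # Do not additionally check the IP address against known_hosts;
    # otherwise the shared address would still be tied to a single key.
    CheckHostIP no

Host mac-unlocked
    HostName 192.0.2.10
    HostKeyAlias mac-unlocked.example
    CheckHostIP no

# The alternative mentioned in the PS, shown commented out: keep the second
# key in a separate file instead of using an alias. The path is an assumption.
#
# Host mac-locked
#     HostName 192.0.2.10
#     UserKnownHostsFile ~/.ssh/known_hosts_mac_locked
```

With this layout, `ssh mac-locked` and `ssh mac-unlocked` each go through their own trust-on-first-use prompt, and a later key change under either alias still triggers the usual warning.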