Serious question, what's the real harm in this since it's just public keys? Just allowing a server to discover all the other servers you may have been talking to?
In most cases, no real harm. However, it does give away some information about you which can be used to fingerprint you. This data is also, I'm 99% sure, transmitted in plaintext, so a passive adversary can gather this information as well. For most uses I wouldn't worry about it. But, if you're an attacker, say forcing your way onto an SSH server with a weak password, it can be a valuable source of information for identifying you.
> This data is also, I'm 99% sure, transmitted in plaintext
I was curious about this, so I did some research.
First, if you run `ssh -v`, you can see that there's a key exchange (e.g., Diffie-Hellman), then a cipher and MAC are negotiated, and only once you get to the user authentication portion do your public keys get sent to the server.
So, only Alice and Bob can see the public keys: not Mallory.
If you have multiple ssh keys, that can easily make you run out of login attempts. I have a key per server/client pair (because I'm weird), all stuffed into my ssh-agent, so that breaks basically all logins for me.
Belphemur|8 years ago
Configuring your ssh correctly would prevent a specific system from linking you to another one. More of a privacy issue than a security one.
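One way to check the client configuration this comment refers to, as an added example that is not code from the thread: a small Python script that parses an ssh_config and estimates, per Host block, how many keys the client will offer. It covers both points raised above, since an agent full of keys is offered to every server unless a Host block pins the key with `IdentitiesOnly yes` next to an explicit `IdentityFile`, and each offered key costs one authentication attempt against the server's MaxAuthTries. The sample config and the agent key count are constructed; `IdentitiesOnly`, `IdentityFile` and the sshd default of MaxAuthTries 6 are OpenSSH's own.

```python
"""Estimate which keys an OpenSSH client will offer per Host block.

Added example for this thread (not from the original posts). ssh offers every
key held by the agent, then any configured IdentityFile, unless
`IdentitiesOnly yes` limits the offer to the configured files. Each offered
key costs one authentication attempt, and OpenSSH servers default to
MaxAuthTries 6. The config text and the agent key count below are constructed.
"""
import re

# Constructed sample: one weak block, one corrected block, one catch-all.
SAMPLE_CONFIG = """\
# weak: IdentityFile alone still lets every agent key be offered first
Host work
    HostName git.example.internal
    IdentityFile ~/.ssh/id_work

# corrected: IdentitiesOnly restricts the offer to the listed file
Host personal
    HostName example.org
    IdentityFile ~/.ssh/id_personal
    IdentitiesOnly yes

# no per-host key at all: every agent key is tried, in agent order
Host *
    ServerAliveInterval 30
"""

SSHD_DEFAULT_MAX_AUTH_TRIES = 6  # OpenSSH sshd_config default


def parse_ssh_config(text):
    """Parse ssh_config text into a list of (host_patterns, options).

    options maps lowercased keyword -> list of values, because keywords such
    as IdentityFile may repeat. Comments and blank lines are skipped; both
    `Key value` and `Key=value` spellings are accepted.
    """
    blocks = []
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key in ("host", "match"):
            current = (value.split(), {})
            blocks.append(current)
        else:
            if current is None:  # options before any Host line apply globally
                current = (["*"], {})
                blocks.append(current)
            current[1].setdefault(key, []).append(value)
    return blocks


def audit(blocks, agent_key_count):
    """Return one finding per block: host, keys offered, and whether the
    offer alone could exhaust a server's default MaxAuthTries.

    Approximation (assumption of this example): configured IdentityFile
    entries are counted as distinct from the agent's keys, and a pinned
    block with no IdentityFile is counted as one default identity file.
    """
    findings = []
    for patterns, opts in blocks:
        pinned = opts.get("identitiesonly", ["no"])[-1].lower() == "yes"
        files = opts.get("identityfile", [])
        if pinned:
            offered = max(len(files), 1)  # only the listed (or default) files
        else:
            offered = agent_key_count + len(files)  # agent keys first, then files
        findings.append({
            "host": " ".join(patterns),
            "identities_only": pinned,
            "offered": offered,
            "exceeds_default_tries": offered > SSHD_DEFAULT_MAX_AUTH_TRIES,
        })
    return findings


if __name__ == "__main__":
    # Constructed scenario: eight keys loaded into ssh-agent.
    for f in audit(parse_ssh_config(SAMPLE_CONFIG), agent_key_count=8):
        flag = "RISK" if f["exceeds_default_tries"] else "ok"
        print(f"{flag:4} Host {f['host']:<10} offers ~{f['offered']} key(s) "
              f"(IdentitiesOnly={'yes' if f['identities_only'] else 'no'})")
```

Run it against a real `~/.ssh/config` by reading the file into `parse_ssh_config`; any block reported with `IdentitiesOnly=no` is one where every agent key is shown to that server, and an `offered` count above 6 is where the "too many authentication failures" lockout described above starts.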
openasocket|8 years ago
scott_karana|8 years ago
Further reading: SSH transport layer, https://tools.ietf.org/html/rfc4253
mook|8 years ago