[J65nko]

From http://www.theregister.co.uk/2013/04...by_management/

Quote:

Tatu Ylonen, author of the SSH protocol, isn't afraid of criticising his own work: he's calling for a new version of the Secure Shell to make it more manageable and get rid of the problem of undocumented rogue keys.

In this IETF Draft, Ylonen proposes a regime for key management, including key discovery, to overcome the problem. The draft, co-authored by NIST's Murugiah Souppaya and Secure IT's Greg Kent, proposes guidelines for “discovering, remediating, and continuously managing SSH user keys and other authentication credentials”.