Cross-Silo Connectivity · Deep dive 03

SSH trust across silos, after the year of OpenSSH bugs

2025's OpenSSH MitM key-confusion flaw hit exactly where silos trust each other. Host-key verification, certificate-based SSH and PKI hygiene across the boundary.

Draft outline · Security / cryptography lens
The anchor

In February 2025 Qualys TRU disclosed CVE-2025-26465 (a machine-in-the-middle flaw where the client can accept an attacker's key, breaking connection integrity) and CVE-2025-26466 (a pre-auth denial of service), on top of 2024's regreSSHion RCE (CVE-2024-6387). SSH trust between silos is exactly where a key-confusion bug bites.

Sources we build on
Primary

Original research disclosing the flaws and explaining the machine-in-the-middle mechanism.

Journalism
Ars Technica / The Register OpenSSH coverage

Independent technical reporting on impact and remediation for a general reader.

Article outline
  1. Where silos trust via SSH. Automation, admin access and file transfer across boundaries.
  2. The 2025 key-confusion flaw. How a MitM makes the client trust the wrong key.
  3. Host-key verification done right. Known-hosts, pinning, and why it is skipped.
  4. Certificate-based SSH. Short-lived certs instead of sprawling authorized_keys.
  5. PKI hygiene across the boundary. Issuance, rotation, revocation that actually works.
How it aligns to what we do

A cryptography and security piece that grounds the cross-silo auth plumbing in a concrete 2025 vulnerability. It shows the practical, hands-on detail (host keys, SSH certs, PKI) that marks the work of experienced practitioners rather than slideware.

Points to hit
Control it ratifies
ISM / E8: ISM cryptography, secure-administration and key-management controls; supports E8 restrict-admin where SSH is the admin path.