>>>>> "kmself" == kmself <kmself@ix.netcom.com> writes:
kmself> Sorry?

kmself> - I establish a private RSA authentication key for ssh.
kmself> - I send the corresponding public key to remoteserver.
kmself> - You intercept the transmission and replace my public key
kmself>   with yours.

I assume you intend to log in to the remote server. That means that you want to put your public key in authorised_keys (IIRC) on the remote host. However, since I intercepted the message, my key goes in authorised_keys instead.

kmself> I can now:

kmself> - *Not* access the host I'd intended to provide access
kmself>   to (wrong public key).

Correct up to here.

kmself> - Possibly be tricked into
kmself>   accessing a host of your choosing via your key.

Incorrect. You are getting the *host*'s public key mixed up with *your* public key. This is your public key we are talking about here (or so I believe).

Now that *my* public key is in authorised_keys on the remote host (instead of your public key), I can now log into that remote host as you.

The host's public key travels in the opposite direction, but let's not complicate matters too much...
-- 
Brian May <[EMAIL PROTECTED]>
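
The swap described in this message can be caught before the key is installed, by comparing the fingerprint of the key that arrived with one the key's owner supplies over a separate channel. The following is an added example, not part of the original message: the function names and both sample keys are constructed for illustration, and the fingerprint is the SHA256 form that `ssh-keygen -l` prints.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode an SSH wire-format string: 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data


def make_pubkey_line(raw_key: bytes, comment: str) -> str:
    """Build an ssh-ed25519 public key line from 32 raw bytes (sample data only)."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


def fingerprint(pubkey_line: str) -> str:
    """Return the SHA256 fingerprint of a '<type> <base64> [comment]' line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    key_type, b64_blob = fields[0], fields[1]
    blob = base64.b64decode(b64_blob, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob names its own key type; it must agree with the text field.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def safe_to_install(received_line: str, expected_fp: str) -> bool:
    """True only if the key that arrived is the key the owner generated."""
    try:
        return hmac.compare_digest(fingerprint(received_line), expected_fp)
    except ValueError:
        return False


# Constructed sample keys (not real key material).
USER_KEY = make_pubkey_line(bytes(range(32)), "user@laptop")
SWAPPED_KEY = make_pubkey_line(bytes(range(32, 64)), "user@laptop")
# The owner reads this value to the admin over a separate channel.
EXPECTED_FP = fingerprint(USER_KEY)

if __name__ == "__main__":
    print(safe_to_install(USER_KEY, EXPECTED_FP))
    print(safe_to_install(SWAPPED_KEY, EXPECTED_FP))
```

The comment field is not covered by the fingerprint, so a substituted key can carry the original comment unchanged; only the fingerprint comparison distinguishes the two.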