<<On Mon, 25 Jun 2012 18:55:54 -0700, Doug Barton <do...@freebsd.org> said:
> Right. That's what Dag-Erling and I have been saying all along. If you > have the private host key you can impersonate the server. That's not a > MITM attack. That's impersonating the server. If you can impersonate an ssh server, you can also do MitM, if the client isn't using an authentication mechanism that is securely tied to the ephemeral DH key protecting the session. Not clear that this makes any difference in practice. -GAWollman _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
