On Mon, 25 Jun 2012 18:55:54 -0700 Doug Barton wrote:
> >> My point is that the ssh protocol is designed specifically to > >> prevent what you're describing. > > > > If you've obtained the server's private key by breaking the public > > key you can accept connections from clients just as if you are are > > the real server. > > Right. That's what Dag-Erling and I have been saying all along. If you > have the private host key you can impersonate the server. That's not a > MITM attack. That's impersonating the server. If only the server is authenticated, then impersonating the server is the only impediment to a MITM attack (aside from intercepting the netwok traffic). If the server has client keys then obviously it wont work. > > If the server doesn't store client keys then there's > > nothing to stop you establishing a separate connection with any > > client side key and performing a MITM attack. > > Last chance ... how, precisely, do you claim to be able to do this? What's to stop you doing it where there's no authentication of clients? All the attacker needs to do is establish an ssh connection to the server and relay what he's getting from the original client. The situation is analogous to performing a MITM attack against a website where the ssl keys have been stolen by the attacker. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
