Fred,

> All of a sudden I have to connect to different host at
> the far end, one for which I don't have the
> public key fingerprint. I've telnetted into the
> host, but then thought better of querying the
> host for a public key fingerprint, since it would
> be displayed over an insecure channel. It
> would totally defeat the purpose of confirming
> the host's public key fingerprint.

Not so - it doesn't matter if the public key is displayed on an insecure channel - it's public! The theory is that you can make your public key public (in fact, you're encouraged to disseminate it widely, so that an attacker can't masquerade as you - if your public key is available in a dozen places, it makes it hard for an attacker to put up a false PK and advertise it as yours) cos it's of no use to anyone without the private key to go with it.

> How likely is
> it that someone would be waiting right there
> and right then to get the public key fingerprint
> just to pretend to be the far-end host the next
> time you connect?

But they can't pretend to be the host just by having its public key. Your password is encrypted with this PK, making it useless to anyone but your host (which holds the private key). An attacker (man-in-the-middle) could present you with a false PK (for which he holds the private key) and *then* he could decrypt your reply and get your password. This is why you shouldn't accept public keys on trust - get copies from all the hosts you're wanting to connect to, or phone somebody at the other end and get them to read the public key fingerprint to you!

> Would it be a reasonable
> risk to query the host for its public key fingerprint
> over an insecure telnet session, considering that
> you never have to repeat the query and thus
> never run the risk again?

If you're sure that you're talking to the host, it doesn't hurt (except that your telnet password could be sniffed... but that's another story) - the "proper" way to do it is to get the fingerprint of the public key when you install ssh on the servers, or get a copy via a trusted channel (telephone, postcard, whatever...).

The main point is - it doesn't matter a hoot whether an attacker sees the public key fingerprint - he can't do a thing with it.

(all the above may not apply when man-in-the-middle is the NSA, psychic, or you're using fewer bits of encryption than sensible.
Also note that I don't know jack about any of this - corrections welcome)

--
Illtud Daniel [EMAIL PROTECTED]
Uwch Ddadansoddwr Systemau / Senior Systems Analyst
Llyfrgell Genedlaethol Cymru / National Library of Wales
Yn siarad drosof fy hun, nid LlGC - Speaking personally, not for NLW
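
Added example, not part of the original message: a Python sketch of the check the reply recommends, comparing the key a host presents against a fingerprint obtained over a trusted channel. It assumes OpenSSH-style `<type> <base64> [comment]` public key lines and OpenSSH's SHA256 and MD5 fingerprint formats; the function names and both sample keys are constructed for illustration.

```python
import base64
import hashlib
import struct


def make_pubkey_line(key_type, key_bytes, comment):
    """Build an OpenSSH-style public key line from constructed sample bytes."""
    def ssh_string(b):
        return struct.pack(">I", len(b)) + b
    blob = ssh_string(key_type.encode()) + ssh_string(key_bytes)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


def fingerprints(pubkey_line):
    """Fingerprints of a '<type> <base64> [comment]' public key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed copy of the key type; reject
    # lines where it disagrees with the visible type field.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type does not match key blob")
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    return {"sha256": "SHA256:" + sha,
            "md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2))}


def matches_trusted(pubkey_line, trusted):
    """True if the presented key has the fingerprint obtained out of band."""
    fp = fingerprints(pubkey_line)
    trusted = trusted.strip()
    if trusted.startswith("SHA256:"):
        return trusted == fp["sha256"]      # base64 is case-sensitive
    if trusted.upper().startswith("MD5:"):
        trusted = trusted[4:]
    return trusted.lower() == fp["md5"]     # hex digits are not


# Constructed sample keys (not real host keys).
HOST_KEY = make_pubkey_line("ssh-ed25519", bytes(range(32)), "host.example")
SUBSTITUTED_KEY = make_pubkey_line("ssh-ed25519", bytes(range(1, 33)), "host.example")

if __name__ == "__main__":
    trusted = fingerprints(HOST_KEY)["sha256"]  # stands in for the value read over the phone
    for name, line in (("host", HOST_KEY), ("substituted", SUBSTITUTED_KEY)):
        print(name, fingerprints(line)["sha256"], "OK" if matches_trusted(line, trusted) else "MISMATCH")
```

The fingerprint itself can travel over any channel; what the comparison relies on is that the trusted copy came from somewhere the party presenting the key could not alter.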