Hardware potential to duplicate existing host keys... RSA DSA
ECDSA was Add rc.conf variables...
RW
rwmaillists at googlemail.com
Mon Jun 25 22:53:16 UTC 2012
On Mon, 25 Jun 2012 14:59:05 -0700
Doug Barton wrote:
> >> Having a copy of the host key allows you to do one thing and one
> >> thing only: impersonate the server. It does not allow you to
> >> eavesdrop on an already-established connection.
> >
> > It enables you to eavesdrop on new connections,
>
> Can you describe the mechanism used to do this?
Through a MITM attack if nothing else
>
> > and eavesdroppers
> > are often in a position to force reconnection on old ones.
>
> If you can get on the network link between the client and the host,
> yes, you can force an existing connection to drop. But that doesn't
> require the host's secret key.
I didn't say it did, I was referring to the statement: "It does not
allow you to eavesdrop on an already-established connection."
> >> If the server is set up to require key-based user authentication,
> >> an attacker would also have to obtain the user's key to mount an
> >> effective man-in-the-middle attack.
> >
> > If an attacker is only interested in a specific client, it may not
> > be any harder to break the second public key, than the first one.
>
> Well that's just plain nonsense. The moon "may" be made of green
> cheese.
It depends on the nature of the attack, but the possibility that two
arbitrary keys are of similar strength under a specific attack is not
on a par with the moon being made of cheese.
More information about the freebsd-security
mailing list