[OT] ssh security
Olivier.Nicole at cs.ait.ac.th
Tue Mar 9 08:48:17 UTC 2010
> What happened to Diffie-Hellman? Last I heard, its whole point was
> to enable secure communication, protected from both eavesdropping
> and MIM attacks, between systems having no prior trust relationship
> (e.g. any sort of pre-shared secret). What stops the server and
> client from establishing a Diffie-Hellman session and using it to
> perform the key exchange?
I am not expert in cryptography, but logic tends to tell me that is I
have no prior knowledge about the person I am about to talk to,
anybody (MIM) could pretend to be that person.
The pre-shared information need not to be secret (key fingerprints are
not secret), but there is need for pre-shared trusted information.
More information about the freebsd-questions