[OT] ssh security

perryh at pluto.rain.com perryh at pluto.rain.com
Wed Mar 10 06:13:11 UTC 2010

Olivier Nicole <Olivier.Nicole at cs.ait.ac.th> wrote:
> > What happened to Diffie-Hellman?  Last I heard, its whole
> > point was to enable secure communication, protected from both
> > eavesdropping and MIM attacks, between systems having no prior
> > trust relationship (e.g. any sort of pre-shared secret) ...
> I am not expert in cryptography ...

Nor am I

> but logic tends to tell me that is I have no prior knowledge about
> the person I am about to talk to, anybody (MIM) could pretend to
> be that person.
> The pre-shared information need not to be secret ... but there is
> need for pre-shared trusted information.

Er, if the pre-shared information is not secret, how can I be sure
that the person presenting it is in fact my intended correspondent
and not a MIM?  My impression is that Diffie-Hellman (somehow) solves
this sort of problem.

More information about the freebsd-questions mailing list