[OT] ssh security
norgaard at locolomo.org
Wed Mar 10 07:33:13 UTC 2010
On 10/03/10 07:16, perryh at pluto.rain.com wrote:
>> but logic tends to tell me that if I have no prior knowledge about
>> the person I am about to talk to, anybody (MIM) could pretend to
>> be that person.
True. Cryptography by itself does not solve the identity problem.
>> The pre-shared information need not be secret ... but there is
>> need for pre-shared trusted information.
> Er, if the pre-shared information is not secret, how can I be sure
> that the person presenting it is in fact my intended correspondent
> and not a MIM? My impression is that Diffie-Hellman (somehow) solves
> this sort of problem.
The preshared information, in this case the key fingerprint, is a
fingerprint of the public key, without this, you cannot produce the
Yes, the fingerprint is calculated from the public key, which is .. er
.. public, but that's not a problem since anything encrypted with the
public key can only be decrypted by the owner of the private key.
In the session setup public keys are exchanged, on the basis of this key
you calculate the fingerprint and compare with the one you have stored.
If they do not match, connection is closed.
So, the MIM attack must be launched the very first time a user connects.
This is where the user trusts the identity of the owner of the private
key. The known_hosts file is only kept so you don't have to verify and
trust the key every time.
If you worry about that kind of attack, then you should provide a method
for verifying the fingerprint through a different channel, say users
call support and have them read out the fingerprint, publish it on some
separate server, or pre-install it on their computer when the account is
Diffie-Hellman does not solve this problem. DH is a protocol for
agreeing on a shared secret in public, but it does not solve the
Ph: +34.666334818/+34.915211157 http://www.locolomo.org
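
The fingerprint comparison described in the message above, as an added example that is not part of the original post. The host name, the key material and the names make_pubkey_line, check_host and KNOWN are constructed for illustration; the fingerprint formats are the ones OpenSSH prints.

```python
import base64, hashlib, hmac, struct

def _ssh_string(data: bytes) -> bytes:
    # SSH wire format: 4-byte big-endian length, then the bytes
    return struct.pack(">I", len(data)) + data

def make_pubkey_line(seed: bytes) -> str:
    """Constructed sample: an ssh-ed25519 public key line with fake key bytes."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(hashlib.sha256(seed).digest())
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed-sample"

def fingerprint(pubkey_line: str, algo: str = "sha256") -> str:
    """Hash of the decoded public key blob, formatted as OpenSSH prints it."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with its own type string; it must agree with the text prefix.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode() != key_type:
        raise ValueError("key type does not match key blob")
    if algo == "md5":  # older colon-separated hex form
        return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(host: str, presented_line: str, known: dict) -> str:
    """known maps host -> fingerprint obtained over a separate, trusted channel."""
    expected = known.get(host)
    if expected is None:
        return "unknown"   # first contact: nothing stored, verify out of band
    if hmac.compare_digest(fingerprint(presented_line), expected):
        return "match"
    return "mismatch"      # presented key is not the stored one: close the connection

# Constructed sample data: the genuine server key and a substituted key.
SERVER_KEY = make_pubkey_line(b"real server")
MIM_KEY = make_pubkey_line(b"man in the middle")
KNOWN = {"shell.example.org": fingerprint(SERVER_KEY)}

if __name__ == "__main__":
    print(fingerprint(SERVER_KEY), fingerprint(SERVER_KEY, "md5"))
    for host, key in [("shell.example.org", SERVER_KEY),
                      ("shell.example.org", MIM_KEY),
                      ("new.example.org", SERVER_KEY)]:
        print(host, check_host(host, key, KNOWN))
```

The "unknown" result is the first-connection case from the message: the code has no stored value to compare, so the decision rests on a fingerprint checked through another channel.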