On Thu, 22 May 2008, Till Maas wrote:

> On Thu May 22 2008, Mike McGrath wrote:
>
> > Client tries to ssh to Server A
> >
> > Server A generates a random number, encrypts it with pub, sends it to the
> > client
> >
> > The client decrypts this number with private key and sends it back to A.
> >
> > Bam! Shell.
>
> The public key authentication does not work this way.
>
> > The guys in #openssh are saying this isn't possible but I wasn't convinced
> > with their reason (basically that server B doesn't have server A's
> > host keys). Can someone else explain why the above isn't possible?
>
> To authenticate, the client needs to sign a session identifier (and some other
> information) with his private key and send the signature to the server. The
> session identifier is a hash of several data that includes the host key.

So what you're saying is it is impossible to do a man in the middle attack
with OpenSSH (assuming the host keys of the server haven't been
compromised)?

-Mike
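
The point made in the quoted reply, as an added sketch that is not part of the original thread: the signed data includes a session identifier derived from the host key and the key exchange, so a signature produced on the client-to-B connection does not verify on the B-to-A connection. The toy DH group, textbook-RSA key, field layout, user name and host-key strings are constructed stand-ins, and the hash leaves out the version and KEXINIT fields that the real exchange hash also covers.

```python
import hashlib
import secrets

# Constructed toy parameters: not real SSH key material or wire formats.
DH_P, DH_G = 2**521 - 1, 3                      # Mersenne prime as DH modulus
RSA_P, RSA_Q, RSA_E = 2**127 - 1, 2**521 - 1, 65537
RSA_N = RSA_P * RSA_Q                           # client's public modulus
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))  # client's private exponent

def digest(*fields: bytes) -> bytes:
    """SHA-256 over length-prefixed fields so boundaries are unambiguous."""
    h = hashlib.sha256()
    for field in fields:
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()

def key_exchange(host_key: bytes) -> bytes:
    """One Diffie-Hellman exchange; returns that connection's session id."""
    x = secrets.randbelow(DH_P - 2) + 1         # client-side secret
    y = secrets.randbelow(DH_P - 2) + 1         # server-side secret
    e, f = pow(DH_G, x, DH_P), pow(DH_G, y, DH_P)
    k = pow(f, x, DH_P)                         # shared secret
    return digest(host_key, *(n.to_bytes(66, "big") for n in (e, f, k)))

def auth_blob(session_id: bytes, user: bytes) -> int:
    """Data the client signs: session id plus the auth request fields."""
    return int.from_bytes(digest(session_id, user, b"publickey"), "big")

def client_sign(session_id: bytes, user: bytes) -> int:
    return pow(auth_blob(session_id, user), RSA_D, RSA_N)

def server_verify(session_id: bytes, user: bytes, sig: int) -> bool:
    return pow(sig, RSA_E, RSA_N) == auth_blob(session_id, user)

def direct_login() -> bool:
    """Client connects straight to server A: both ends share one session id."""
    sid = key_exchange(b"host-key-A")
    return server_verify(sid, b"mike", client_sign(sid, b"mike"))

def relayed_login() -> bool:
    """Client connects to B, which forwards the signature to A."""
    sid_client_to_b = key_exchange(b"host-key-B")   # B lacks A's private host key
    sid_b_to_a = key_exchange(b"host-key-A")        # A hashes its own host key
    sig = client_sign(sid_client_to_b, b"mike")
    return server_verify(sid_b_to_a, b"mike", sig)

if __name__ == "__main__":
    print("direct:", direct_login(), "relayed:", relayed_login())
```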