Re: spoof rsa fingerprint

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2009-11-14 at 15:09 -0800, Eugeneapolinary Ju wrote:
> When I first log in to my router [192.168.1.1] through ssh, it says:
> 
> The authenticity of host 'XXXX.XX (192.168.1.1)' can't be established.
> RSA key fingerprint is 51:c6:d1:7a:45:c4:74:3e:31:ee:3a:5a:2d:e1:bf:74.
> Are you sure you want to continue connecting (yes/no)?
> 
> that's OK [it gets stored in the known_hosts file, on my client machine].
> 
> But:
> 
> what happens, if someone turns off my router, then installs a pc with ip 192.168.1.1?
> 
> And! - it spoofs _the same rsa fingerprint_, that was on my router.
>
> Then, when I want to log in to 192.168.1.1, I will type my password, and it will stole my password...
>
> So the question is:
> 
> Could that be possible, to spoof the rsa_fingerprint? [because the router say's the fingerprint when first logging in to it, etc..so could that be spoofed?]

The fingerprint is simply a hash of the router's full public key.
Spoofing the fingerprint still won't enable the spoofer to understand
encrypted communications sent to them (which will continue to use the
router's genuine public key since the client hasn't noticed anything
changed). The spoofer can't guess the private key from the public key
without physical access to the router.

If the spoofer generates its own public/private key pair, the client
will notice that the signature changed. That's the point of the warning
message.

See http://www.securityfocus.com/infocus/1806

poc

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux