Re: spoof rsa fingerprint

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eugeneapolinary Ju wrote:
> When I first log in to my router [192.168.1.1] through ssh, it says:
> 
> The authenticity of host 'XXXX.XX (192.168.1.1)' can't be established.
> RSA key fingerprint is 51:c6:d1:7a:45:c4:74:3e:31:ee:3a:5a:2d:e1:bf:74.
> Are you sure you want to continue connecting (yes/no)?
> 
> that's OK [it gets stored in the known_hosts file, on my client machine].
> 
> But:
> 
> what happens, if someone turns off my router, then installs a pc
> with ip 192.168.1.1?
> 
> And! - it spoofs _the same rsa fingerprint_, that was on my router.
> 
> Then, when I want to log in to 192.168.1.1, I will type my
> password, and it will stole my password...
> 
> 
> So the question is:
> 
> Could that be possible, to spoof the rsa_fingerprint? [because
> the router say's the fingerprint when first logging in to it, etc..so
> could that be spoofed?]
> 
Only if they can get a copy of the host's private key. When the host
is added to the known_hosts file, what you are really adding it the
hosts public key. This is used to exchange encrypted messages
between the two computers to establish that the server you are
connecting to is the server it says it is. This can not be done if
you do not have the server's public key.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux