Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta

Russell Harding wrote:

>   Of course it matters if the client has code-injection 'portholes' as you
> call them.  Someone may be using nasty tricks through ARP, DNS, or even
> manipulating routing tables, such that you are not actually connecting to
> a host you trust.  This is why ssh implements host keys, so you can verify
> the authenticity of the remote host.  However, in the case described
> above, with SecureCRT, your machine would already be compromised before
> host key verification took place.

Thanks (and to Jim Paris).

I of course did not mean that it was OK for the client to have code
injection "portholes".  I just meant that the particular exploit path
that was described wasn't very interesting since someone who maliciously
controls the sshd to which you are speaking has so many other
opportunities to exploit you.

>Bela<
