On Wed, 2005-05-11 at 13:34 -0400, Alan Cox wrote: > On Wed, May 11, 2005 at 10:04:12AM -0700, Florin Andrei wrote: > > http://www.schneier.com/blog/archives/2005/05/the_potential_f.html > > > > I can't test it right now, but i wonder - what's the default setting on > > FC4, hash the hosts or not? No, it's currently left as default which means no hashing of known hosts. > I'm not convinced it helps very much. I'll just read every .history file on > your machine and hash the hostnames I find in that against the database. I'd > also try cvs based attacks by using the keys that work and appear to be for > cvs stuff to automate pushing updated autoconf scripts into every cvs I can > 'fix'. > > There are just far too many other ways to identify an ssh host entry/key and > to then use that the same way the analysed user has. Also if the attacker could read the known_hosts file he could also change the user's environment so it instead of ssh calls a malicious script/binary which would log user's credentials and only then called the real ssh binary. -- Tomas Mraz <tmraz@xxxxxxxxxx> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-devel-list
