Am I correct in assuming that the user and host public/private keys used in openSSH are only used for authentication (is the remote server known to be X, is this Harry trying to login), and have no role in the encryption? I was under the assumption that each connection used a newly generated key (using DH for key exchange) so each session was unique. (I believe this because the transport layer needs to be set up before user keys are even presented, and rfc4253 #6.3 doesn't mention the host key). I'm being asked to provide private keys to allow network sniffing (problem analysis) but I'm not sure this is the right thing to do because I'm not convinced these keys are used as part of the encryption! Thanks... -- rgds Stephen _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
