[Bug 2822] New: manpage: trojan horse vs. man-in-the-middle
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 23 16:21:16 AEDT 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2822
Bug ID: 2822
Summary: manpage: trojan horse vs. man-in-the-middle
Product: Portable OpenSSH
Version: 7.5p1
Hardware: All
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: maikel at predikkta.com
Hello,
The `ssh_config` man page may be slightly confusing about
StrictHostKeyChecking. I found this sentence:
This provides maximum protection against trojan horse attacks
I always thought the option protects against man-in-the-middle attacks.
I think if the user or the server is compromised via a trojan horse,
the connection is most likely compromised as well, regardless of host
key checking.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list