Andreas Gunnarsson andreas at

Thu Apr 8 16:24:04 EST 2010

On Wed, Apr 07, 2010 at 09:24:57PM +0200, Peter Stuge wrote:
> MITM is easy if the TCP session can be rerouted, but it's not
> possible to perform an undetected MITM attack without access to the
> server host key.

And if user authentication is done with public keys then a man in the
middle attack isn't possible even if the attacker knows the private part
of the host key. At least not unless the server or the client has been
compromised in other ways, e.g. if it is using a broken random number
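
Why a relayed public-key login is rejected, as an added example that is not part of the original message: in SSH public-key user authentication (RFC 4252) the client signs data that includes the session identifier derived from the key exchange, and the two legs of an intercepted connection end up with different identifiers. The toy Diffie-Hellman and textbook RSA parameters, the simplified hash inputs and all function names are constructed for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters, far too small and too simple for real use.
DH_P, DH_G = 2**127 - 1, 3                      # toy DH group
RSA_P, RSA_Q, RSA_E = 2**89 - 1, 2**107 - 1, 65537
RSA_N = RSA_P * RSA_Q                           # user's public modulus
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))  # user's private exponent


def digest(*parts):
    """Hash the parts to an integer below RSA_N (stand-in for SSH's encoding)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(str(part).encode() + b"|")
    return int.from_bytes(h.digest(), "big") % RSA_N


def key_exchange():
    """Run one DH leg and return the session identifier both ends derive.

    Real SSH also hashes version strings, KEXINIT payloads and the host key.
    """
    x = secrets.randbelow(DH_P - 2) + 1         # one side's ephemeral secret
    y = secrets.randbelow(DH_P - 2) + 1         # other side's ephemeral secret
    e, f = pow(DH_G, x, DH_P), pow(DH_G, y, DH_P)
    k = pow(f, x, DH_P)                         # equals pow(e, y, DH_P)
    return digest(e, f, k)


def sign_userauth(session_id, user):
    """Client side: sign the session identifier together with the request."""
    return pow(digest(session_id, user, "publickey"), RSA_D, RSA_N)


def verify_userauth(session_id, user, signature):
    """Server side: check the signature against its own session identifier."""
    return pow(signature, RSA_E, RSA_N) == digest(session_id, user, "publickey")


def direct_login():
    sid = key_exchange()                        # client <-> server
    return verify_userauth(sid, "alice", sign_userauth(sid, "alice"))


def relayed_login():
    sid_client_leg = key_exchange()             # client <-> interceptor
    sid_server_leg = key_exchange()             # interceptor <-> server
    signature = sign_userauth(sid_client_leg, "alice")
    return verify_userauth(sid_server_leg, "alice", signature)
```
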


