please decrypt your manuals

Andreas Gunnarsson andreas at zzlevo.net
Thu Apr 8 16:24:04 EST 2010


On Wed, Apr 07, 2010 at 09:24:57PM +0200, Peter Stuge wrote:
> MITM is easy if the TCP session can be rerouted, but it's not
> possible to perform an undetected MITM attack without access to the
> server host key.

And if user authentication is done with public keys then a man in the
middle attack isn't possible even if the attacker knows the private part
of the host key. At least not unless the server or the client has been
compromised in other ways, e.g. if it is using a broken random number
generator.

   Andreas
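
The point made in the message above, sketched as an added example (not part of the original post and not OpenSSH code): in SSH public-key user authentication the client signs data that includes the session identifier from the key exchange (RFC 4252, section 7), so a signature produced on one connection does not verify on another. The toy Diffie-Hellman group, the textbook RSA key, the simplified hash inputs and all function names are assumptions made for illustration.

```python
import hashlib

# Toy parameters, constructed for this example and far too small for real use.
P, G = 2**127 - 1, 3                      # Diffie-Hellman modulus and generator
RSA_N = (2**61 - 1) * (2**89 - 1)         # user's public modulus (textbook RSA)
RSA_E = 65537
RSA_D = pow(RSA_E, -1, (2**61 - 2) * (2**89 - 2))  # user's private exponent
HOST_PUB = 0x5EED                         # stand-in for the server host key

def exchange_hash(e, f, k):
    """Session identifier: hash over host key, both DH publics, shared secret."""
    data = b"|".join(str(v).encode() for v in (HOST_PUB, e, f, k))
    return hashlib.sha256(data).digest()

def key_exchange(client_secret, server_secret):
    """Run one DH exchange and return the session identifier both ends derive."""
    e = pow(G, client_secret, P)          # client's public value
    f = pow(G, server_secret, P)          # server's public value
    k = pow(f, client_secret, P)          # equals pow(e, server_secret, P)
    return exchange_hash(e, f, k)

def _digest(session_id, user):
    h = hashlib.sha256(session_id + b"|" + user).digest()
    return int.from_bytes(h, "big") % RSA_N

def sign_auth(session_id, user):
    """Client side: sign the auth request bound to this session identifier."""
    return pow(_digest(session_id, user), RSA_D, RSA_N)

def verify_auth(session_id, user, sig):
    """Server side: check the signature against its own session identifier."""
    return pow(sig, RSA_E, RSA_N) == _digest(session_id, user)

def direct_login(client_secret, server_secret):
    sid = key_exchange(client_secret, server_secret)
    return verify_auth(sid, b"alice", sign_auth(sid, b"alice"))

def relayed_login(client_secret, mid_secret_a, mid_secret_b, server_secret):
    """A party holding the host key sits in the middle: two separate key
    exchanges, hence two different session identifiers."""
    sid_client = key_exchange(client_secret, mid_secret_a)   # client <-> middle
    sid_server = key_exchange(mid_secret_b, server_secret)   # middle <-> server
    sig = sign_auth(sid_client, b"alice")    # what the client actually signs
    return verify_auth(sid_server, b"alice", sig)  # what the server checks

if __name__ == "__main__":
    print("direct:", direct_login(11111, 22222))                  # accepted
    print("relayed:", relayed_login(11111, 33333, 44444, 22222))  # rejected
```

The relayed case is rejected because the two session identifiers depend on different ephemeral secrets; that dependence on fresh secrets is why the message names a broken random number generator as an exception.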


More information about the openssh-unix-dev mailing list