please decrypt your manuals

Andreas Gunnarsson andreas at zzlevo.net
Tue Apr 20 05:59:24 EST 2010


> And if user authentication is done with public keys then a man in the
> middle attack isn't possible even if the attacker knows the private
> part of the host key.[...]

On Mon, Apr 19, 2010 at 12:06:33AM -0700, Doru Georgescu wrote:
> If the attacker knows the server's private host key, and all public
> keys, then it could impersonate the server in front of the client. Why
> not?

It can impersonate the server, but not perform a man in the middle
attack. Simplified, it's because it can't forge the Diffie-Hellman
exchange which affects the session ID which is signed by the user's key.
See the RFCs (4252 and 4253 I think) for a detailed explanation of how it
works.

Of course, this is probably mostly of interest in theory since a
compromised private server key may be an indication that the entire
server is compromised.

   Andreas
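
Added example, not part of the original message: a sketch of the point made above, computing the exchange hash H (RFC 4253 section 8) on both legs of an interception and the bytes the user's key signs (RFC 4252 section 7). The toy DH group, the handshake strings, the key blobs and the secrets are constructed assumptions, and no real signature is computed; the sketch only compares what would be signed.

```python
import hashlib
import struct

# Toy DH group (assumption): a 127-bit prime, far too small for real use.
P, G = 2**127 - 1, 5

# Constructed handshake values; a relaying attacker can copy all of these verbatim.
V_C, V_S = b"SSH-2.0-client", b"SSH-2.0-server"
I_C, I_S = b"client-kexinit", b"server-kexinit"
K_S = b"host-public-key-blob"  # the attacker holds the matching private key

def ssh_string(b):
    return struct.pack(">I", len(b)) + b

def mpint(n):
    # Big-endian, with a leading zero byte when the high bit is set (RFC 4251).
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big") if n else b"")

def session_id(x, y):
    """Exchange hash H for client secret x and server secret y."""
    e, f = pow(G, x, P), pow(G, y, P)
    k = pow(f, x, P)              # client's view of the shared secret
    assert k == pow(e, y, P)      # server's view is the same
    fixed = b"".join(ssh_string(v) for v in (V_C, V_S, I_C, I_S, K_S))
    return hashlib.sha256(fixed + mpint(e) + mpint(f) + mpint(k)).digest()

def userauth_signed_data(sid, user=b"alice", algo=b"ssh-ed25519",
                         pub=b"user-pubkey-blob"):
    """Bytes covered by the user's public-key signature."""
    data = ssh_string(sid) + bytes([50])  # 50 = SSH_MSG_USERAUTH_REQUEST
    data += ssh_string(user) + ssh_string(b"ssh-connection")
    data += ssh_string(b"publickey") + b"\x01"
    return data + ssh_string(algo) + ssh_string(pub)

def mitm_legs(client_x, attacker_y, attacker_x, server_y):
    """Session IDs on the client-attacker leg and the attacker-server leg."""
    return session_id(client_x, attacker_y), session_id(attacker_x, server_y)

if __name__ == "__main__":
    h1, h2 = mitm_legs(0x1111, 0x2222, 0x3333, 0x4444)  # constructed secrets
    print("client leg:", h1.hex())
    print("server leg:", h2.hex())
    same = userauth_signed_data(h1) == userauth_signed_data(h2)
    print("signed data identical on both legs:", same)
```

Forwarding e and f unchanged would make the two session IDs match, but then the party in the middle never learns K and cannot read or modify the encrypted session.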


More information about the openssh-unix-dev mailing list