please decrypt your manuals

Doru Georgescu headset001 at yahoo.com
Wed Apr 21 00:17:41 EST 2010


> And if user authentication is done with public keys then a man in the
> middle attack isn't possible even if the attacker knows the private
> part of the host key.[...]

On Mon, Apr 19, 2010 at 12:06:33AM -0700, Doru Georgescu wrote:
> If the attacker knows the server's private host key, and all public
> keys, then it could impersonate the server in front of the client. Why
> not?

It can impersonate the server, but not perform a man in the middle
attack. Simplified, it's because it can't forge the Diffie-Hellman
exchange which affects the session ID which is signed by the user's key.
See the RFCs (4252 and 4253 I think) for a detailed explanation how it
works.

Of course, this is probably mostly of interest in theory since a
compromised private server key may be an indication that the entire
server is compromised.

   Andreas

---------------

The attacker does not have some private decryption key? Anyway, this is too involved for me now, but thank you anyway. 

Doru 




      


More information about the openssh-unix-dev mailing list