recovering SSH2 sessions while knowing the key and how to have it
anton at chuvakin.org
Tue Mar 19 04:50:09 EST 2002
Markus and other esteemed members of openssh-dev,
Thanks a lot for the response. I am sorry that my question was a bit vague
and open-ended (admittedly, not a good idea for such a mailing list).
>>Namely, I want it to covertly broadcast the session key, so
>>sniffing the session, the contents can be recovered.
>for protocol 1 all you need is
>for protocol 2 you have to check
Thanks for the tip. But (as I even pointed out in my message), knowing the
key will not get me very far, since I will end up with a bunch of traffic
dumps and a key. Is there any way (that you can think of) to use ssh
itself to recover the session from those files? It pains me to think that
the only solution will be to write a code to do it from scratch using
SSH2 protocol knowledge. ;-) BTW, I have tools to recover ssh1 sessions
and my main interest is in ssh2.
Anton A. Chuvakin, Ph.D.
More information about the openssh-unix-dev