Date: Mon, 25 Jun 2012 18:09:14 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: RW <rwmaillists@googlemail.com> Cc: freebsd-security@freebsd.org Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables... Message-ID: <86pq8nxtjp.fsf@ds4.des.no> In-Reply-To: <20120625023104.2a0c7627@gumby.homeunix.com> (RW's message of "Mon, 25 Jun 2012 02:31:04 %2B0100") References: <CA%2BQLa9A4gdgPEn3YBpExTG05e4mqbgxr2kJ16BQ27OSozVmmwQ@mail.gmail.com> <86zk7sxvc3.fsf@ds4.des.no> <CA%2BQLa9Dyu96AxmCNLcU8n5R21aTH6dStDT004iA516EH=jTkvQ@mail.gmail.com> <20120625023104.2a0c7627@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
RW <rwmaillists@googlemail.com> writes: > Dag-Erling Sm=C3=B8rgrav <des@des.no> writes: > > You do know that these keys are used only for authentication, and > > not for encryption, right? > I'm not very familiar with ssh, but surely they're also used for > session-key exchange, which makes them crucial to encryption. They > should be as secure as the strongest symmetric cipher they need to work > with. No. They are used for authentication only. This is crypto 101. Having a copy of the host key allows you to do one thing and one thing only: impersonate the server. It does not allow you to eavesdrop on an already-established connection. If the server is set up to require key-based user authentication, an attacker would also have to obtain the user's key to mount an effective man-in-the-middle attack. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86pq8nxtjp.fsf>