From owner-freebsd-security@FreeBSD.ORG  Mon Jun 25 16:09:17 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id F04B31065670
	for <freebsd-security@freebsd.org>;
	Mon, 25 Jun 2012 16:09:16 +0000 (UTC) (envelope-from des@des.no)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
	by mx1.freebsd.org (Postfix) with ESMTP id 7226F8FC14
	for <freebsd-security@freebsd.org>;
	Mon, 25 Jun 2012 16:09:16 +0000 (UTC)
Received: from ds4.des.no (smtp.des.no [194.63.250.102])
	by smtp.des.no (Postfix) with ESMTP id 5AB706B29;
	Mon, 25 Jun 2012 16:09:15 +0000 (UTC)
Received: by ds4.des.no (Postfix, from userid 1001)
	id 277268B5F; Mon, 25 Jun 2012 18:09:15 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: RW <rwmaillists@googlemail.com>
References: <CA+QLa9A4gdgPEn3YBpExTG05e4mqbgxr2kJ16BQ27OSozVmmwQ@mail.gmail.com>
	<86zk7sxvc3.fsf@ds4.des.no>
	<CA+QLa9Dyu96AxmCNLcU8n5R21aTH6dStDT004iA516EH=jTkvQ@mail.gmail.com>
	<20120625023104.2a0c7627@gumby.homeunix.com>
Date: Mon, 25 Jun 2012 18:09:14 +0200
In-Reply-To: <20120625023104.2a0c7627@gumby.homeunix.com> (RW's message of
	"Mon, 25 Jun 2012 02:31:04 +0100")
Message-ID: <86pq8nxtjp.fsf@ds4.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-security@freebsd.org
Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA
	ECDSA was Add rc.conf variables...
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jun 2012 16:09:17 -0000

RW <rwmaillists@googlemail.com> writes:
> Dag-Erling Sm=C3=B8rgrav <des@des.no> writes:
> > You do know that these keys are used only for authentication, and
> > not for encryption, right?
> I'm not very familiar with ssh, but surely they're also used for
> session-key exchange, which makes them crucial to encryption. They
> should be as secure as the strongest symmetric cipher they need to work
> with.

No.  They are used for authentication only.  This is crypto 101.

Having a copy of the host key allows you to do one thing and one thing
only: impersonate the server.  It does not allow you to eavesdrop on an
already-established connection.

If the server is set up to require key-based user authentication, an
attacker would also have to obtain the user's key to mount an effective
man-in-the-middle attack.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no