From owner-freebsd-security@FreeBSD.ORG Tue Jun 26 00:53:29 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9B62C106564A for ; Tue, 26 Jun 2012 00:53:29 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wi0-f178.google.com (mail-wi0-f178.google.com [209.85.212.178]) by mx1.freebsd.org (Postfix) with ESMTP id 210018FC08 for ; Tue, 26 Jun 2012 00:53:28 +0000 (UTC) Received: by wibhr14 with SMTP id hr14so1369168wib.13 for ; Mon, 25 Jun 2012 17:53:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=kWqNLf4aTWSOhzmtA+h5rRXdIR4y34lCmlVLXWc3KnQ=; b=kdZ8Ca4fQcZ/UhC5cmmT9rsMWxrXQNcHVuYWTS9zjkEpyfo0dRD9Jql5YxsJh6sbnI +dOw6VT+Bm1RMSyifpP5WFuvw7A9FxjnqjYr+aaYeZgBGzmNtjI+0T+HEyT+UeQugKKM i4b5V60/ZACpMCF2+2MGtiejZwZtFYmYxMh6N3z7ItSKIxZWdJDJsZThSMZIn7QMD0SN cSQYHICywZnYPbotAfNQMlR4rBl6Sf+Ot40H38GbIMAJujas7/4MJePE1wRGEWoE1s6z GTPp2YGf9OAjefJk2fQkmVQV7/tqIbEmhsVIvGgsQpGSP/3i+Nre2kj9tXwLSRMBcoCN sbXA== Received: by 10.180.97.165 with SMTP id eb5mr3189929wib.0.1340672008148; Mon, 25 Jun 2012 17:53:28 -0700 (PDT) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPS id fm1sm1122718wib.10.2012.06.25.17.53.26 (version=SSLv3 cipher=OTHER); Mon, 25 Jun 2012 17:53:27 -0700 (PDT) Date: Tue, 26 Jun 2012 01:53:23 +0100 From: RW To: freebsd-security@freebsd.org Message-ID: <20120626015323.02b7f348@gumby.homeunix.com> In-Reply-To: <4FE8F814.5020906@FreeBSD.org> References: <86zk7sxvc3.fsf@ds4.des.no> <20120625023104.2a0c7627@gumby.homeunix.com> <86pq8nxtjp.fsf@ds4.des.no> <20120625223807.4dbeb91d@gumby.homeunix.com> <4FE8DF29.50406@FreeBSD.org> <20120625235310.3eed966e@gumby.homeunix.com> <4FE8F814.5020906@FreeBSD.org> X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.6; amd64-portbld-freebsd8.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables... X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Jun 2012 00:53:29 -0000 On Mon, 25 Jun 2012 16:45:24 -0700 Doug Barton wrote: > On 06/25/2012 15:53, RW wrote: > > On Mon, 25 Jun 2012 14:59:05 -0700 > > Doug Barton wrote: > > > >>>> Having a copy of the host key allows you to do one thing and one > >>>> thing only: impersonate the server. It does not allow you to > >>>> eavesdrop on an already-established connection. > >>> > >>> It enables you to eavesdrop on new connections, > >> > >> Can you describe the mechanism used to do this? > > > > Through a MITM attack if nothing else > > Sorry, I wasn't clear. Please describe, in precise, reproducible > terms, how one would accomplish this. Or, link to known script-kiddie > resources ... whatever. My point being, I'm pretty confident that > what you're asserting isn't true. But if I'm wrong, I'd like to learn > why. Servers don't always require client keys for authentication. If they don't then a MITM attack only needs the server's key.