From owner-freebsd-security@FreeBSD.ORG  Tue Jun 26 02:13:02 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1BFDD106564A;
	Tue, 26 Jun 2012 02:13:02 +0000 (UTC)
	(envelope-from wollman@hergotha.csail.mit.edu)
Received: from hergotha.csail.mit.edu
	(wollman-1-pt.tunnel.tserv4.nyc4.ipv6.he.net
	[IPv6:2001:470:1f06:ccb::2])
	by mx1.freebsd.org (Postfix) with ESMTP id B65788FC12;
	Tue, 26 Jun 2012 02:13:01 +0000 (UTC)
Received: from hergotha.csail.mit.edu (localhost [127.0.0.1])
	by hergotha.csail.mit.edu (8.14.5/8.14.5) with ESMTP id q5Q2D07W063849; 
	Mon, 25 Jun 2012 22:13:00 -0400 (EDT)
	(envelope-from wollman@hergotha.csail.mit.edu)
Received: (from wollman@localhost)
	by hergotha.csail.mit.edu (8.14.5/8.14.4/Submit) id q5Q2D0sr063846;
	Mon, 25 Jun 2012 22:13:00 -0400 (EDT) (envelope-from wollman)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <20457.6828.250844.390589@hergotha.csail.mit.edu>
Date: Mon, 25 Jun 2012 22:13:00 -0400
From: Garrett Wollman <wollman@bimajority.org>
To: Doug Barton <dougb@freebsd.org>
In-Reply-To: <4FE916AA.6050503@FreeBSD.org>
References: <CA+QLa9A4gdgPEn3YBpExTG05e4mqbgxr2kJ16BQ27OSozVmmwQ@mail.gmail.com>
	<86zk7sxvc3.fsf@ds4.des.no>
	<CA+QLa9Dyu96AxmCNLcU8n5R21aTH6dStDT004iA516EH=jTkvQ@mail.gmail.com>
	<20120625023104.2a0c7627@gumby.homeunix.com>
	<86pq8nxtjp.fsf@ds4.des.no>
	<20120625223807.4dbeb91d@gumby.homeunix.com>
	<4FE8DF29.50406@FreeBSD.org>
	<20120625235310.3eed966e@gumby.homeunix.com>
	<4FE8F814.5020906@FreeBSD.org>
	<20120626015323.02b7f348@gumby.homeunix.com>
	<4FE9094A.4080605@FreeBSD.org>
	<20120626024624.4c333bd2@gumby.homeunix.com>
	<4FE916AA.6050503@FreeBSD.org>
X-Mailer: VM 7.17 under 21.4 (patch 22) "Instant Classic" XEmacs Lucid
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7
	(hergotha.csail.mit.edu [127.0.0.1]);
	Mon, 25 Jun 2012 22:13:00 -0400 (EDT)
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
	autolearn=disabled version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	hergotha.csail.mit.edu
X-Mailman-Approved-At: Tue, 26 Jun 2012 02:20:17 +0000
Cc: freebsd-security@freebsd.org
Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA
 ECDSA was Add rc.conf variables...
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jun 2012 02:13:02 -0000

<<On Mon, 25 Jun 2012 18:55:54 -0700, Doug Barton <dougb@freebsd.org> said:

> Right. That's what Dag-Erling and I have been saying all along. If you
> have the private host key you can impersonate the server. That's not a
> MITM attack. That's impersonating the server.

If you can impersonate an ssh server, you can also do MitM, if the
client isn't using an authentication mechanism that is securely tied
to the ephemeral DH key protecting the session.  Not clear that this
makes any difference in practice.

-GAWollman