SSH1 ephemeral server key and SSH2 Diffie Hellman
From: mikhail malamud (mmalamud_at_comcast.net)
Date: Thu, 10 Nov 2011 21:43:10 -0500 To: firstname.lastname@example.org
Hi. I am new to SSH so forgive me if this question had been asked
In SSH 1, sshd is using (optionally) an ephemeral server key which is
used in conjunction with host key to establish session key between the
client and the server.
In SSH2, ephemeral server key is no longer used and Diffie Hellman is
used instead to establish the session key. My questions are:
1. What security concerns were mitigated/created by using ephemeral
1a. In SSH1 when say we re-created ephemeral server key, is this
simply taking proactive security measures or were there known exploits
that could ve been avoided had the key been re-created more often?
2. How those risks were re-solved by using Diffie Hellman?
I apreciate any help. Thank You.