Re: Need some education: Man-in-the-Middle Attacks
- From: Eygene Ryabinkin <rea-sec@xxxxxxxxxxx>
- Date: Mon, 4 Sep 2006 16:56:17 +0400
Nathan,

> > > I've simplified this quite a bit, but I hope this is enough to answer
> > > your question without getting too confusing. ;-)
> > Please, read the RFC 4253 and do not oversimplify the things: there are
> > no challenges in establishing the initial shared secret in SSH transport
> > layer.
> You are referring to the wrong RFC, we are not talking about the
> transport layer here, we are talking about the connection layer, info
> on this can be found in RFC 4251 (SSH Protocol Architecture - section
> 4.1).

Pardon me, but (citing RFC4251, section 4.1)
-----
The server host key is used during key exchange to verify that the
client is really talking to the correct server. For this to be
possible, the client must have a priori knowledge of the server's
public host key.
-----
And the key exchange is done in the transport layer.
Moreover, section 9.3.4 called 'Man-in-the-middle' resides in the section
9.3 called 'Transport' in the same RFC4251. Don't you think that it
means something ;))

> The initial shared secret is established after you have performed the
> host key checking.

Host key checking is performed during the Diffie-Hellman exchange
at least, see RFC4253, section 8.
Am I wrong?
--
Eygene
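
Added example, not part of the original message or written by its author: a sketch of the exchange hash H from RFC 4253 section 8, which the server signs with its host key, showing that H differs between the two legs once a party in the middle runs its own Diffie-Hellman exchange. The 64-bit group, the SHA-256 choice, the function names and all sample values are assumptions constructed for the illustration.

```python
import hashlib
import struct

# Toy 64-bit DH group, constructed for this example; real SSH groups are 2048+ bits.
P, G = 2**64 - 59, 2

def ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': uint32 length, then the bytes."""
    return struct.pack(">I", len(b)) + b

def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for n >= 0: big-endian, extra 0x00 if the top bit is set."""
    return ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big") if n else b"")

def exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f, k) -> bytes:
    """H = HASH(V_C || V_S || I_C || I_S || K_S || e || f || K), RFC 4253 section 8."""
    blob = b"".join(ssh_string(s) for s in (v_c, v_s, i_c, i_s, k_s))
    blob += ssh_mpint(e) + ssh_mpint(f) + ssh_mpint(k)
    return hashlib.sha256(blob).digest()  # hash is set by the kex method; SHA-256 assumed

def kex(mitm: bool):
    """Return (H the client computes, H the real server computed and signed)."""
    # All values below are constructed sample data.
    ids = (b"SSH-2.0-demo_client", b"SSH-2.0-demo_server",
           b"\x14client-kexinit", b"\x14server-kexinit",
           b"demo-host-key-blob")          # K_S: the real server's public host key
    x, y, m = 41, 53, 59                    # client, server, interceptor DH secrets
    e, f, a = pow(G, x, P), pow(G, y, P), pow(G, m, P)
    if not mitm:
        return (exchange_hash(*ids, e, f, pow(f, x, P)),
                exchange_hash(*ids, e, f, pow(e, y, P)))
    # Interceptor relays K_S unchanged but runs a separate DH on each leg.
    return (exchange_hash(*ids, e, a, pow(a, x, P)),
            exchange_hash(*ids, a, f, pow(a, y, P)))

if __name__ == "__main__":
    for mitm in (False, True):
        client_h, server_h = kex(mitm)
        # The server's host-key signature covers server_h; the client checks it against client_h.
        print("intercepted" if mitm else "direct",
              "-> signature would verify:", client_h == server_h)
```

An interceptor that presents its own host key instead would produce a valid signature, which is why the client needs the a priori knowledge of the server's public host key cited from RFC 4251 section 4.1.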