RE: Decrypting an ssh session knowing the private key?



I would like to write a program that could deycrypt ssh
communication by using the private key of the server
computer. This should be possable right? And I should be able
to use libraries the openssh has already writen. In fact the
majority of the code should already be writen right? I should
just need to send a packet with the private key to a function right?

You'd also need the user's private key.



Relevant Pages

  • [OT] Re: RSA implementation, please comment.
    ... on a separate server is actually a very good idea, ... This web front uses a well defined and secure ... Don't store the private key on the server. ... Every client gets a smartcard for the decryption (or a HSM, ...
    (comp.lang.perl.misc)
  • Re: Using RSA key _and_ password
    ... Something you have (Private Key) ... Asked for via the password authentication feature. ... The issue is having the server require both authentication methods. ... OpenSSH should be able to do this. ...
    (SSH)
  • now SSL and ids ( was Re: ssh and ids )
    ... > How many simultaneous SSL sessions can be tracked? ... qualifies as a third party having access to the private key. ... communicate with the server in the clear. ... > best protection against covert channels is to stop the attacker before ...
    (Focus-IDS)
  • Re: TIPS FOR THE NEWCOMER
    ... As long as the private key is readable by the ssh client when it comes ... When the ssh client connects to the server, ... private key which matches the public key. ...
    (SSH)
  • Re: Private key generation
    ... As I wrote in my first answer to that thread - there are many situations when key pair is generated on trusted server. ... identity based encryption) simply requires generation of private key on server... ... High assurance keys (especially these that afterward are split in multiple shares using secret sharing schemes) may also require use of specialized equipment and computers that runs in a tempest/EM shielded locations. ... Default scenario supported by Microsoft Certificate Server is the most standard CA mode when CA just signs X509 certificate with emedded public keys. ...
    (microsoft.public.dotnet.security)