Re: How to decrypt a connection SSH v2?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Paul

On Thu, 10 Jul 2008, Paul Melson wrote:

On Wed, Jul 9, 2008 at 10:05 PM, Ulises2k <ulises2k@xxxxxxxxx> wrote:
How to decrypt a connection SSH v2?
I have the private and public keys.
I have all sesion sniffed.

I'm afraid that's not enough. SSH implements forward secrecy [1],


- From your wikipedia reference:

"In an authenticated key-agreement protocol that uses public key
cryptography, perfect forward secrecy (or PFS) is the property
that ensures that a session key derived from a set of long-term
public and private keys will not be compromised if one of the
private keys is compromised in the future."

I assume if the attacker has the public and private keys from not just
one, but both ends, that PFS is not an obstacle.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
gem@xxxxxxxxxx Tel:+1(541)382-8588

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFIdiKo8KZibdeR3qURAtBXAKCKtVv1QcGyR5KRX+xClbcPqpy+UwCg8cQe
TVJP26xHZEzt4ipvGkGlK44=
=DWLn
-----END PGP SIGNATURE-----


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------