On Mon, 25 Jun 2012 18:09:14 +0200 Dag-Erling Smørgrav wrote: > RW <[email protected]> writes: > > Dag-Erling Smørgrav <[email protected]> writes: > > > You do know that these keys are used only for authentication, and > > > not for encryption, right? > > I'm not very familiar with ssh, but surely they're also used for > > session-key exchange, which makes them crucial to encryption. They > > should be as secure as the strongest symmetric cipher they need to > > work with. > > No. They are used for authentication only. This is crypto 101.
It also generates a shared secret for key exchange, which is pretty much what I said. > Having a copy of the host key allows you to do one thing and one thing > only: impersonate the server. It does not allow you to eavesdrop on > an already-established connection. It enables you to eavesdrop on new connections, and eavesdroppers are often in a position to force reconnection on old ones. > If the server is set up to require key-based user authentication, an > attacker would also have to obtain the user's key to mount an > effective man-in-the-middle attack. If an attacker is only interested in a specific client, it may not be any harder to break the second public key, than the first one. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
