I've found:

*****
Because MACs use a 32-bit sequence number, they might start to leak information after 2**32 packets have been sent. However, following the rekeying recommendations should prevent this attack.
.....
the transport protocol provides a unique session identifier
.....
the authentication protocol ([SSH-USERAUTH]) uses this to prevent replay of signatures from previous sessions.
.....
Essentially, a different sequence number in each packet ensures that at least this one input to the MAC function will be unique and will provide a nonrecurring MAC output that is not predictable to an attacker.
*****

Ref: http://www.ietf.org/rfc/rfc4251.txt

For collisions, see the ref. note. What I understand is that the session identifier and sequence number are used for data integrity. So, any wrong packet that cannot be handled by the TCP layer will be examined in the SSH layer.

dgü.

On Tue, 22 Apr 2014 03:50:17 -0400, Danisment Gazi Unal <[email protected]> wrote:

> Hello!
>
> I have a fixed port to bind. But I want to rebind this port even if it's in
> TIME_WAIT state. So, I want to use Socket.setReuseAddress(true).
>
> But, when SO_REUSEADDR is enabled, as mentioned at
> http://developerweb.net/viewtopic.php?id=2941, there is a risk that a new
> connection using the same server,serverport,client,clientport TCP tuple may
> receive a network packet from the old connection. Does the SSH protocol handle
> this confusion?
>
> As a result, I am asking whether I can use Socket.setReuseAddress(true) safely
> in SSH connections?
>
> thanks.

_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
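The receiver-side check discussed in this thread, as an added example that is not part of the original messages and is not JSch code: the MAC is computed over the sequence number and the packet (RFC 4253, section 6.4) with an integrity key derived from that session's key exchange (section 7.2), so a packet left over from an earlier connection on the same TCP tuple fails verification. HMAC-SHA-256, the `Receiver` class and all key material and packet bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

def integrity_key(k_mpint, h, session_id, letter=b"E"):
    # RFC 4253 sec. 7.2: integrity key = HASH(K || H || "E" || session_id)
    # (SHA-256 as the exchange hash is an assumption of this example)
    return hashlib.sha256(k_mpint + h + letter + session_id).digest()

def compute_mac(key, seq, packet):
    # RFC 4253 sec. 6.4: mac = MAC(key, sequence_number || unencrypted_packet)
    seq_bytes = struct.pack(">I", seq & 0xFFFFFFFF)  # 32-bit, wraps at 2**32
    return hmac.new(key, seq_bytes + packet, hashlib.sha256).digest()

class Receiver:
    """Hypothetical receiver tracking the implicit per-connection sequence number."""
    def __init__(self, key):
        self.key, self.seq = key, 0

    def accept(self, packet, mac):
        expected = compute_mac(self.key, self.seq, packet)
        if not hmac.compare_digest(expected, mac):
            return False  # a real SSH peer disconnects on MAC failure
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        return True

def demo():
    # Constructed values standing in for two key exchanges on the same TCP tuple.
    # For a first key exchange, session_id equals the exchange hash H.
    old_key = integrity_key(b"\x00\x00\x00\x01\x11", b"H-old", b"H-old")
    new_key = integrity_key(b"\x00\x00\x00\x01\x22", b"H-new", b"H-new")
    packet = b"constructed SSH packet payload"
    rx = Receiver(new_key)
    results = {}
    # Packet that belonged to the old connection arrives on the new one.
    results["stale_old_session"] = rx.accept(packet, compute_mac(old_key, 0, packet))
    # Legitimate first packet of the new session.
    first_mac = compute_mac(new_key, 0, packet)
    results["fresh"] = rx.accept(packet, first_mac)
    # Same bytes and MAC again: the receiver now expects sequence number 1.
    results["replayed_same_session"] = rx.accept(packet, first_mac)
    results["next_in_order"] = rx.accept(packet, compute_mac(new_key, 1, packet))
    return results

if __name__ == "__main__":
    print(demo())
```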
