On Fri, Jul 29, 2005 at 06:31:09PM -0700, Bill - WA7NWP wrote: > Suppose I captured all the packets of a SSH encrypted exchange. Would > it be possible to decode the contents of the exchange IF one had both > the public and private keys? > > If so, then we hams should be able to use SSH for amateur radio > operations as long as we publish the keys - no?
ssh uses the Diffie-Hellman algorithm to exchange randomly generated session keys. These keys are generated on the fly and destroyed at the end of the session or replaced after a certain time with new keys. The special propertie of the Diffie-Hellman algorithm is that it permits the secure exchange of the session keys even if the session is being evedropped uppon. Diffie-Hellman is vulnerable against a man in the middle attack however, so the data packets used in the key exchange are secured against this kind of attach using public key cryptography. The bottom line of all this is no, publishing the RSA or DSA public keys is useless as they're not being used for cryptography nor can their knowledge be used to decrypt anything. Ssh is a pretty smart protocol :-) Ralf - To unsubscribe from this list: send the line "unsubscribe linux-hams" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
