On 24.07.2013 09:11, Jakob Unterwurzacher wrote: > With RSA, the sessions should be protected using a random per-session > key exchanged using diffie-hellmann that does not depend on the > private key for its security. > > I will try to find a definitive source for that and follow-up here.
Found it. The buzzword is "perfect forward secrecy" (PFS), and SSH - both version 1 and 2 - have it. It's explained very nicely in [1] and [2], but for the definitive source I'm just gonna quote the sshd_config manpage: > KeyRegenerationInterval > In protocol version 1, the ephemeral server > key is automatically regenerated after this many seconds (if it has > been used). The purpose of regeneration is to prevent decrypting > captured sessions by later breaking into the machine and stealing the > keys. The key is never stored anywhere. SSHv2 does it differently but achieves the same goal. Conclusion: SSH to thin clients is secure against passive eavesdropping, even if the host key is shared. However, do NOT use a password to log into the thin client, this is insecure! Alkis, I'd suggest to not delete the host key, instead to make sure that passwords are not allowed in sshd_config, i.e. PasswordAuthentication no Best regards, Jakob References: [1] http://utcc.utoronto.ca/~cks/space/blog/tech/SshForwardSecrecy [2] http://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_05.htm ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
