[Bug 2822] New: manpage: trojan horse vs. man-in-the-middle

bugzilla-daemon Mon, 22 Jan 2018 21:25:55 -0800

https://bugzilla.mindrot.org/show_bug.cgi?id=2822


            Bug ID: 2822
           Summary: manpage: trojan horse vs. man-in-the-middle
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh
          Assignee: [email protected]
          Reporter: [email protected]

Hello,

The `ssh_config` man page may be slightly confusing about
StrictHostKeyChecking. I found this sentence:

    This provides maximum protection against trojan horse attacks

I always thought the option protects against man-in-the-middle attacks.
I think if the user or the server is compromised via a trojan horse,
the connection is most likely compromised as well, regardless of host
key checking.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2822] New: manpage: trojan horse vs. man-in-the-middle

Reply via email to