On Friday 30 January 2004 11:51, Ariz Jacinto wrote:
> but have you tested if the session
> is still encrypted even though
> the service is down?
oh, no need to test that. it's definitely still encrypted. here's why:

when the listening daemon receives a connection, it passes the connection on to a child process (by forking, so the child process is the same program, but a different instance, different pid, that's why they all say sshd when you do a ps).

the encryption is done by the running process, not by the parent (listening) daemon. all the parent does is accept connections and fork.

it may be more complicated than that (i haven't looked at the source), but not by much, e.g., there's privilege separation, it may be that the listening daemon does the initial key exchange, etc. e.g., if /etc/ssh is readable only by root, then the server keys would have to be read by the listening process or a child, but before it had shed root privileges and changed uid/euid.

you could test with tcpdump or ethereal though. i'm just too lazy :). on this i trust that theo (or the original developers of ssh, ssh.com) did the right thing :).

tiger

--
Gerald Timothy Quimpo gquimpo*hotmail.com tiger*sni*ph
http://bopolissimus.sni.ph
Public Key: "gpg --keyserver pgp.mit.edu --recv-keys 672F4C78"

... and then you see the world for what it really is:
an endless parade of babbling nincompoops.

--
Philippine Linux Users' Group (PLUG) Mailing List (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
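Added example, not part of the original message and not sshd code: a plain TCP echo server built on the accept-and-fork model described above, showing that a session held by a forked child keeps working after the listening parent is killed, while new connections are refused. The function names, the loopback address and the echo protocol are assumptions made for the demonstration; no encryption is involved.

```python
import os, signal, socket

def handle_session(conn):
    # Per-connection child: it alone services the established session.
    try:
        while data := conn.recv(1024):
            conn.sendall(b"%d:" % os.getpid() + data)  # prefix reply with our pid
    finally:
        os._exit(0)

def listen_and_fork(lsock):
    # Listening parent: accept, fork, close its own copy of the connection.
    signal.signal(signal.SIGCHLD, signal.SIG_IGN)  # auto-reap finished children
    try:
        while True:
            conn, _ = lsock.accept()
            if os.fork() == 0:
                lsock.close()          # child does not keep the listening socket
                handle_session(conn)
            conn.close()
    finally:
        os._exit(0)

def demo():
    lsock = socket.socket()
    lsock.bind(("127.0.0.1", 0))       # constructed test endpoint, ephemeral port
    lsock.listen(5)
    port = lsock.getsockname()[1]
    daemon_pid = os.fork()
    if daemon_pid == 0:
        listen_and_fork(lsock)         # never returns
    lsock.close()
    client = socket.create_connection(("127.0.0.1", port), timeout=5)
    client.sendall(b"before")
    child_pid, first = client.recv(1024).split(b":", 1)
    os.kill(daemon_pid, signal.SIGTERM)  # "the service is down"
    os.waitpid(daemon_pid, 0)
    client.sendall(b"after")             # existing session is still answered
    second = client.recv(1024).split(b":", 1)[1]
    try:                                 # a new connection has no listener left
        socket.create_connection(("127.0.0.1", port), timeout=2).close()
        new_conn_accepted = True
    except OSError:
        new_conn_accepted = False
    client.close()
    return {"daemon_pid": daemon_pid, "child_pid": int(child_pid),
            "before": first, "after": second, "new_conn_accepted": new_conn_accepted}

if __name__ == "__main__":
    print(demo())
```

Requires a Unix-like system for `os.fork`. To check the encryption itself on a real SSH session, capture the traffic with tcpdump as the message suggests.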
