By default, RSA is not compiled into ssh. Ssh clients and servers negotiate
a protocol at connect time, much like an SSL connection. Also like SSL, it
will negotiate most all common schemes (DES,Triple-DES,IDEA) at various
bit-depths.
All in all, ssh is fairly secure and even an attack such as you described
should be fairly difficult - certainly hard enough to deter any attacks
where you are not specifically a target. If you are worried about someone
actively trying to crack in, you probably have a lot of cryptography and
security reading to do!
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 23, 1999 5:11 AM
> To: [EMAIL PROTECTED]
> Subject: Cryptography question
>
>
> Hi all,
> I know that some "chosen ciphertext attack" works against RSA, does
> anyone know weak implementation of public key algorithms used by ssh
> (DSA, x509v3, spki, pgp)?
>
> Thanks
> Raffaele
>
>
>
