Re: Hardware potential to duplicate existing host keys... RSA DS

On 06/25/2012 19:13, Garrett Wollman wrote:
> <<On Mon, 25 Jun 2012 18:55:54 -0700, Doug Barton <dougb@freebsd.org> said:
> 
>> Right. That's what Dag-Erling and I have been saying all along. If you
>> have the private host key you can impersonate the server. That's not a
>> MITM attack. That's impersonating the server.
> 
> If you can impersonate an ssh server, you can also do MitM, if the
> client isn't using an authentication mechanism that is securely tied
> to the ephemeral DH key protecting the session.  Not clear that this
> makes any difference in practice.

If you're impersonating the server you already have the traffic,
whatever else you can do for *that session* is an implementation detail.

For the zillionth time, my point is that being able to impersonate the
server is not going to get you anywhere for sessions *other* than the
ones that terminate at your fake-but-has-the-private-key host.

If anyone believes otherwise, please post how it can be done, in detail.
Otherwise please let this thread die.

Doug

-- 

    This .signature sanitized for your protection

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"