Re: Hardware potential to duplicate existing host keys... RSA DS

看板FB_security作者時間13年前 (2012/06/26 10:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串20/26 (看更多)
<<On Mon, 25 Jun 2012 18:55:54 -0700, Doug Barton <dougb@freebsd.org> said: > Right. That's what Dag-Erling and I have been saying all along. If you > have the private host key you can impersonate the server. That's not a > MITM attack. That's impersonating the server. If you can impersonate an ssh server, you can also do MitM, if the client isn't using an authentication mechanism that is securely tied to the ephemeral DH key protecting the session. Not clear that this makes any difference in practice. -GAWollman _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 wollman. 的文章
文章代碼(AID): #1FwHyYVi (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 20 之 26 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共26篇)
更多 wollman. 的文章
文章代碼(AID): #1FwHyYVi (FB_security)