[NTLUG:Discuss] another question on ssh and mobility

MadHat madhat at unspecific.com
Mon Sep 9 11:48:51 CDT 2002


On Mon, 2002-09-09 at 10:32, Fred James wrote:
> On the security side, let me run this past you and see what you think:
> 
> (1) Anyone with the host name/IP and an ssh client can initiate a 
> connection attempt.
> (2) If the client computer has never gotten a key from that host before, 
> one will be offered.
> (3) If the client accepts the key, and keeps it somewhere, subsequent 
> connection attempts to the same host will not go through the key 
> offering sequence.
> (4) The offer of a key is the host asking the client if the client 
> trusts the host, or trusts that this is indeed the host the client wants 
> to trust
> (5) That done, the session(s) is(are) encrypted, and then it is up to 
> the login/password to ensure that only the proper users have access.
> 
> Right so far?
> 

yeh

> Now, the key is being stored somewhere on that client computer - so I 
> assume that someone could find the key - is that right?  If so, of what 
> value would it be to that someone?  Of what danger could it be to 
> either the client, or host, computer for that key to be found by someone?

It's just the public key.  They can get the key by requesting a
connection to the server.  No big deal.

If they replaced the key and then injected a route, they could possibly
do a man-in-the-middle style attack, but that would be a lot of ifs,
and if they had the access necessary to do this, there are easier ways
to get the traffic.

-- 
MadHat at Unspecific.com
"Anyone who understands Linux/Unix, really understands the universe.
 Anyone who understands Windows, really understands Windows."
          - Richard Thieme, DefCon 10, 2002 
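
An added example, not part of the original post: a check that the host key stored in a client's known_hosts file still matches a fingerprint obtained from the server's administrator out of band, which is how a replaced entry like the one described above would be noticed. The host name, address and key bytes are constructed sample values, and the ssh-ed25519 key type is an assumption chosen for brevity.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def fingerprint(blob: bytes) -> str:
    """Fingerprint as OpenSSH prints it: unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts(text: str) -> dict:
    """Map (host, key type) -> key blob for plain, unhashed entries."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, @markers and hashed (|1|...) hostnames.
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        try:
            blob = base64.b64decode(fields[2], validate=True)
        except ValueError:
            continue  # third field is not a base64 key blob
        for host in fields[0].split(","):
            entries[(host, fields[1])] = blob
    return entries


def check_host(text: str, host: str, key_type: str, trusted_fp: str) -> str:
    """Return 'ok', 'mismatch' or 'unknown' for the key stored for host."""
    blob = parse_known_hosts(text).get((host, key_type))
    if blob is None:
        return "unknown"
    return "ok" if fingerprint(blob) == trusted_fp else "mismatch"


def sample_line(raw_key: bytes) -> str:
    """Constructed known_hosts line; the 32 key bytes are not a real key."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return "server.example.com,192.0.2.10 ssh-ed25519 " + base64.b64encode(blob).decode()


GENUINE = "# constructed sample\n" + sample_line(bytes(range(32)))
SWAPPED = "# constructed sample\n" + sample_line(bytes(range(1, 33)))
# Stands in for the fingerprint the server admin gave you out of band.
TRUSTED_FP = fingerprint(parse_known_hosts(GENUINE)[("server.example.com", "ssh-ed25519")])
```

A "mismatch" result means the stored entry no longer corresponds to the key the administrator published, so the entry should be re-verified before the next connection.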



