[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Ssh MITM attack when using tor

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Ssh MITM attack when using tor
From: "Bryan Fordham" <bfordham@xxxxxxxxx>
Date: Fri, 2 Feb 2007 16:16:10 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Fri, 02 Feb 2007 16:16:22 -0500
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=EZ0QvflVmwVtACNRY+TPLzkAzbBVUYpDLdmnkQCHy6dF4vP6UHdDsokZoukgBiYoXun+pFo2illOqxBqjwuWpBpjgYH/otMrXF0mwT26dcoZ3bZA6k72NLa3mqX8qGj/aRUCHCh8KdLdQKirIsM/anh7lMYSJe+LUQXY/Zsx5NI=
In-reply-to: <768c60d30702021312sa1691f0u7def8fd2d962fc6b@mail.gmail.com>
References: <7i1wl8l5l3.fsf@lanthane.pps.jussieu.fr> <45C3A777.6070407@scs.carleton.ca> <5e3f62880702021305pe61887dpb95f22640dc60d6e@mail.gmail.com> <768c60d30702021312sa1691f0u7def8fd2d962fc6b@mail.gmail.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

If someone were to upgrade/change their server OS or generate a new
key for purely non-malicious reasons, this could happen, no?

that's true. But if you disconnect, reconnect, and get the old key, something is funky.

fwiw, that's what's happened to me. And I know the ssh key on the server hasn't changed.

Follow-Ups:
- Re: Ssh MITM attack when using tor
  - From: James Muir

References:
- Ssh MITM attack when using tor
  - From: Juliusz Chroboczek
- Re: Ssh MITM attack when using tor
  - From: James Muir
- Re: Ssh MITM attack when using tor
  - From: Bryan Fordham
- Re: Ssh MITM attack when using tor
  - From: P Jones

Prev by Author: Re: Ssh MITM attack when using tor
Next by Author: Re: Ssh MITM attack when using tor
Previous by thread: Re: Ssh MITM attack when using tor
Next by thread: Re: Ssh MITM attack when using tor
Index(es):
- Author
- Thread