[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

ssh man-in-the-middle attack

To: or-talk@xxxxxxxx
Subject: ssh man-in-the-middle attack
From: "Bryan Fordham" <bfordham@xxxxxxxxx>
Date: Thu, 16 Nov 2006 13:25:33 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 16 Nov 2006 13:25:47 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=r8EOeupPRC+e8/rMkx6E6fOBITRHy/Ljvy36p7IjzMS/ejPLkc5I7FQFznqZh7ngZvBHIAkhQjBkagRoLIQZwdtJQDeqgUUzDkuwEdk0d1kHWq6n3P5+5tDY9D3rxGU05HQFANXhWSxaR7SSr8lLNY/9E1jR97lp9k5804orrXg=
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Someone reported similar behavior a while back, so I figured I'd mention this:

yesterday while using ssh over tor, ssh complained loudly that the key
on the remote server had changed. I knew it had not. I canceled the
operation, tried again, and everything worked as normal.

The key fingerprint was: 44:7b:f7:9f:44:9a:a4:de:be:f5:e6:a7:0e:e1:a2:ff

I've only had this happen once. The moral is: know the fingerprint of
the server you're connecting to when connecting for the first time

--B

Follow-Ups:
- Re: ssh man-in-the-middle attack
  - From: Dave Page

Prev by Author: Re: Tor Network Status Website
Next by Author: Re: False certificates
Previous by thread: tls error messages
Next by thread: Re: ssh man-in-the-middle attack
Index(es):
- Author
- Thread