[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Ssh MITM attack when using tor



On 2/2/07, Bryan Fordham <bfordham@xxxxxxxxx> wrote:


On 2/2/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:
>
> Just curious -- how does ssh inform you that a man-in-the-middle (i.e.
> the exit node) is trying to victimize you?

ssh complains that the server's key has changed. I've had it happen a few
times

If someone were to upgrade/change their server OS or generate a new key for purely non-malicious reasons, this could happen, no?