Re: Ssh MITM attack when using tor
Bryan Fordham wrote:
If someone were to upgrade/change their server OS or generate a new
key for purely non-malicious reasons, this could happen, no?
That's true. But if you disconnect, reconnect, and get the old key,
something is funky.
FWIW, that's what's happened to me. And I know the SSH key on the server
hasn't changed.
Just because you upgrade your OS doesn't mean you should throw out all
your server's public keys. I would think that the server's maintainer
would migrate the public keys over to the new system (if they remember,
and if their hard drive hasn't crashed).
In any case, SSH public keys are self-created and are not validated by
TTPs. So, the very first time you connect to the server I don't think
you would be able to detect a MITM attack.
-James
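
An added example, not part of the original message: a small checker that applies the heuristics discussed in this thread to the sequence of host keys seen for one server (first contact is unverifiable without an out-of-band fingerprint, a single change may be a legitimate rekey, a return to an earlier key is suspicious). The key blobs are constructed placeholders rather than real SSH keys, and the function and verdict names are hypothetical.

```python
import base64
import hashlib

def fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint: unpadded base64 of sha256(key blob)."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def classify(history, pinned=None):
    """Label each host key seen for one server, oldest first.

    history: base64 key blobs as they appear in known_hosts-style records.
    pinned:  fingerprint obtained out of band from the server's maintainer,
             or None when only trust-on-first-use is available.
    """
    verdicts, seen, prev = [], [], None
    for blob in history:
        fp = fingerprint(blob)
        if pinned is not None:
            # An out-of-band fingerprint is the only check that works on first contact.
            verdict = "verified" if fp == pinned else "mismatch-with-pinned"
        elif prev is None:
            verdict = "first-contact-unverified"
        elif fp == prev:
            verdict = "unchanged"
        elif fp in seen:
            # Old key came back after a change: the server did not simply rekey.
            verdict = "reverted-to-earlier-key"
        else:
            # Could be an OS reinstall or rekey; confirm with the maintainer.
            verdict = "changed"
        if fp not in seen:
            seen.append(fp)
        prev = fp
        verdicts.append(verdict)
    return verdicts

# Constructed sample blobs (not real SSH public keys).
KEY_A = base64.b64encode(b"constructed-server-key").decode()
KEY_B = base64.b64encode(b"constructed-other-key").decode()

if __name__ == "__main__":
    # Server key, then a different key, then the original again.
    for verdict in classify([KEY_A, KEY_B, KEY_A]):
        print(verdict)
```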