[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Anecdotical experience of SSH MITM



Could you post more log data?

On July 15, 2017 1:33:52 PM GMT+02:00, carlo von lynX <lynX@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>Hi, I report an experience I seem to have made.
>In recent weeks I was occasionally prompted with
>a wrong SSH key for my server, like this:
>
>RSA key fingerprint is
>SHA256:DcXN8UTcDaCz7N1BoUXc9H8yUAs4gxiy37Y1+BDIhUU.
>
>Today I was fast enough to look up the stream
>list, using remotor:
>
>2602 SUCCEEDED 1183 [destination-host-scrapped]:2222
>
>Yes, the intervention happened on a non-standard
>ssh port. I looked up the circuit in the circuit
>status list (the "1183"):
>
>1183 BUILT [entry-guard-scrapped],jaures3,coriandolino c
>
>To ensure the circuit hadn't changed while I looked it
>up, I tried connecting again, resulting in the same false
>certificate prompt.
>
>Next I hit 'new identity' and was able to log in without
>disruptions over some other friendly exit node.
>
>Thank you for your attention in the matter.
>Make your own deductions.
>
>
>-- 
>  E-mail is public! Talk to me in private using encryption:
>         http://loupsycedyglgamf.onion/LynX/
>          irc://loupsycedyglgamf.onion:67/lynX
>         https://psyced.org:34443/LynX/
>-- 
>tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>To unsubscribe or change other settings go to
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
Take Care Sincerely flipchan layerprox dev
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk