[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
ssh man-in-the-middle attack
- To: or-talk@xxxxxxxx
- Subject: ssh man-in-the-middle attack
- From: "Bryan Fordham" <bfordham@xxxxxxxxx>
- Date: Thu, 16 Nov 2006 13:25:33 -0500
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Thu, 16 Nov 2006 13:25:47 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=r8EOeupPRC+e8/rMkx6E6fOBITRHy/Ljvy36p7IjzMS/ejPLkc5I7FQFznqZh7ngZvBHIAkhQjBkagRoLIQZwdtJQDeqgUUzDkuwEdk0d1kHWq6n3P5+5tDY9D3rxGU05HQFANXhWSxaR7SSr8lLNY/9E1jR97lp9k5804orrXg=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Someone reported similar behavior a while back, so I figured I'd mention this:
yesterday while using ssh over tor, ssh complained loudly that the key
on the remote server had changed. I knew it had not. I canceled the
operation, tried again, and everything worked as normal.
The key fingerprint was: 44:7b:f7:9f:44:9a:a4:de:be:f5:e6:a7:0e:e1:a2:ff
I've only had this happen once. The moral is: know the fingerprint of
the server you're connecting to when connecting for the first time
--B