[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] RFC: obfsproxyssh
On 26 July 2013 23:56, Andreas Krey <a.krey@xxxxxx> wrote:
> On Tue, 02 Jul 2013 23:42:20 +0000, Ximin Luo wrote:
> ...
>> What sort of PKI are you using to verify the pubkey claimed by either side, to
>> prevent MitM?
>
> What for? The authentication happens in the next step,
> within the OR/bridge protocol. In this case we just have
> an additional layer of encryption around it.
I've always thought with SSH-based obsproxies, that you could
distribute the SSH private key to connect to the server with the
bridge IP address:port. Then, when a user connects to the bridge they
use that SSH private key to login to SSH as normal (and then talk Tor,
and authenticate the relay). If a scanner saw the connection and
suspected it was Tor, they would try and connect, and be presented
with the normal SSH login... which they couldn't complete because they
don't know a valid username/password. They wouldn't be sure the
server was running Tor then. If however the obsproxy accepted any SSH
password/key, the scanner could successfully connect and determine it
was running Tor.
So I think the value of requiring a login a the SSH-based obsproxy is
not for authentication but for scanning resistance.
-tom
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev