[40026] in North American Network Operators' Group
Re: telnet vs ssh on Core equipment , looking for reasons why ?
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Tue Jul 31 11:18:17 2001
Date: Tue, 31 Jul 2001 11:14:30 -0400 (EDT)
From: <alex@yuriev.com>
To: Greg Maxwell <gmaxwell@martin.fl.us>
Cc: "Stephen J. Wilcox" <steve@opaltelecom.co.uk>,
fingers <fingers@fingers.co.za>,
"Mr. James W. Laferriere" <babydr@baby-dragons.com>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.33.0107311101300.3912-100000@da1server.martin.fl.us>
Message-ID: <Pine.LNX.3.96.1010731111228.29579L-100000@cathy.uuworld.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
> > Pardon for blowing your bubble but sniffing ssh keyexchange does not do you
> > any good. The symmetric key is exchanged via a channel aready secured. The
> > keys that is used to secure the channel used to exchange the symmetric key
> > are exchanged via DH-based protocol. If you want to spend your time
> > factoring primes for next 500 years to extract the key, you are more than
> > welcome to try. It is crypto-101.
>
> If you can arp spoof as indicated in the message you are replying to, you
> can perform a MTM attack which SSH offers only minimal security against
> (in the form of stored host keys that users often choose to ignore or not
> verify the fingerprint). Look to SRP for a MTM-less password
> authentication solution.
Monkey in the Middle attack on SSH is very difficult to perform. I'm cc'ing
Matt Bishop (bishop@cs.ucdavis.edu) who together with yours truly wrote a
paper on this in 1997.
Cheers,
ALex
