
Re: about sniffing



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Alson" == Alson van der Meulen <alson@linuxfreak.nl> writes:

Alson> the ssh1 protocol is indeed vulnerable to the man-in-the-middle
Alson> attack, use the ssh2 protocol instead, afaik it's not vulnerable,
Alson> that's one of the reasons the ssh2 protocol is promoted now, it's
Alson> not supported by the ssh version in potato though, you might be
Alson> able to upgrade it

Of course ssh2 is vulnerable.  Pretty much any encryption scheme is
vulnerable to man-in-the-middle at the point of the initial key
exchange.  If you don't check the server key before accepting it, you
run the risk of losing security.  (Unless you or some trusted party has
complete control of the network between you and the server.)

ssh2 is more secure than ssh1, but AFAIK this is because of some other
traffic analysis, where ssh1 can leak some information about your
connection.

- -- 
Hubert Chan <hackerhue@geek.com> - http://www.geocities.com/hubertchan/
PGP/GnuPG key: 1024D/651854DF71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD  6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net.   Please encrypt *all* e-mail to me.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7WhBvZRhU33H9o38RAq5uAJ9rWFwiITs5ACD+MdWPYAUBDDbpmgCgy6aR
LJRjTq2dE6YDrWGgOU/J/HA=
=6Dwg
-----END PGP SIGNATURE-----
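
The server-key check described in the message above, as an added example that is not part of the original post: it computes the fingerprint of the key a server presents and accepts it only if it equals a fingerprint obtained out of band. The SHA256 fingerprint format of current OpenSSH, the ssh-ed25519 key type, and all function names and sample keys are assumptions of this example; the keys are constructed sample data.

```python
import base64
import hashlib
import hmac
import struct

def make_key_line(key_type: str, raw_key: bytes) -> str:
    """Build a constructed 'type base64-blob' public key line (sample data only)."""
    t = key_type.encode()
    blob = struct.pack(">I", len(t)) + t + struct.pack(">I", len(raw_key)) + raw_key
    return f"{key_type} {base64.b64encode(blob).decode()}"

def fingerprint(key_line: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of a public key line."""
    fields = key_line.split()
    if len(fields) < 2:
        raise ValueError("malformed key line")
    key_type, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type;
    # a mismatch means the line was altered or is not a real key.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def accept_host_key(presented_line: str, trusted_fp: str) -> bool:
    """Accept only if the presented key matches the out-of-band fingerprint."""
    try:
        presented_fp = fingerprint(presented_line)
    except ValueError:  # also covers invalid base64 (binascii.Error)
        return False
    return hmac.compare_digest(presented_fp.encode(), trusted_fp.encode())

# Constructed sample keys: the genuine server and a different key that
# an interceptor on the network path would present instead.
REAL_SERVER = make_key_line("ssh-ed25519", bytes(range(32)))
INTERCEPTOR = make_key_line("ssh-ed25519", bytes(range(1, 33)))
# Stands in for a fingerprint received over a trusted channel
# (read out by the administrator, printed sheet, signed e-mail).
TRUSTED_FP = fingerprint(REAL_SERVER)

if __name__ == "__main__":
    print("genuine key accepted:", accept_host_key(REAL_SERVER, TRUSTED_FP))
    print("substituted key accepted:", accept_host_key(INTERCEPTOR, TRUSTED_FP))
```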


