[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Q: RSA Authentication vs. Password Authentication in SSH



>>>>> "kmself" == kmself  <kmself@ix.netcom.com> writes:

    kmself> Sorry?

    kmself>   - I establish a private RSA authentication key for ssh.
    kmself> - I send the corresponding public key to remoteserver.  -
    kmself> You intercept the transmission and replace my public key
    kmself> with yours.

I assume you intend to login to the remote server. That means that you
want to put your public key in authorised_keys (IIRC) on the remote
host. However, since I intercepted the message, my key goes in
authorised_keys instead.

    kmself> I can now:

    kmself>   - *Not* access the host I'd intended to provide access
    kmself> to (wrong public key).  

Correct up to here.

    kmself> - Possibly be tricked into
    kmself> accessing a host of your chosing via your key.

Incorrect. You are getting the *host*'s public key mixed up with
*your* public key. This is your public key we are talking about here
(or so I believe).

Now that *my* public key is in authorised_keys on the remote host
(instead of your public key), I can now log into that remote host as
you.

The host's public key travels in the opposite direction, but lets not
complicate matters too much...
-- 
Brian May <bam@debian.org>



Reply to: