ssh security question

To: debian users <debian-user@lists.debian.org>
Subject: ssh security question
From: Martin F Krafft <madduck@madduck.net>
Date: Sun, 26 Aug 2001 22:11:08 +0200
Message-id: <[🔎] 20010826221108.A1404@fishbowl.madduck.net>
Mail-followup-to: Martin F Krafft <madduck@madduck.net>, debian users <debian-user@lists.debian.org>

my laptop has two net interfaces, one wired and one wireless. they
have different MAC addresses, but i configured my DHCP server to treat
them the same so that i usually have the same IP no matter what card i
use.

i just noticed a curious bit of possible security awkwardness. with my
wired card, i established an ssh2 connection to another machine on my
subnet, then i proceeded to swap the cards - and i could continue
using my ssh2 session as soon as the new card received an IP (the same
one). now i ask you - this smells like a problem to me, or not?
shouldn't sshd at least worry about the MAC address too (can it?) just
an IP is too easy to spoof (MAC are too i guess).

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
-- 
la lune, c'est comme les canards
il faut aimer caresser les chats
pour avoir envie d'y aller.

Reply to:

Follow-Ups:
- Re: ssh security question
  - From: "Jeremy T. Bouse" <Jeremy.Bouse@UnderGrid.net>
- Re: ssh security question
  - From: dman <dsh8290@rit.edu>
- Re: ssh security question
  - From: "Jakob B. Jensen" <jbj@image.dk>

Prev by Date: Re: gshutdown and the trash can thingy in GNOME
Next by Date: Re: gmix problems
Previous by thread: Re: strange leaps in df % reported RESOLVED
Next by thread: Re: ssh security question
Index(es):
- Date
- Thread