
Re: ssh security question



On Sun, Aug 26, 2001 at 11:29:57PM +0200, Martin F Krafft wrote:
| also sprach dman (on Sun, 26 Aug 2001 05:06:37PM -0400):
| > The MAC address is only known along that particular wire.  That is, if
| > the IP packets pass through any routers or gateways the receiving side
| > will see the MAC address of the last gateway/router interface and not
| > the MAC of the sender.  
| 
| right, i know this. but they are on the same subnet and even if, a
| change in MAC address during an active ssh connection can't be a good
| sign to sshd...

Suppose there were 2 routers on the same ethernet link (physical
layer) as your NIC.  Now suppose, for whatever reason, some (incoming)
packets are routed via one router and some are routed via the other.
This would be a perfectly valid reason for the MAC address changing
but the connection still being legit.

-D
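
Added example, not part of the original message: a small Python sketch of the two-router case described above, comparing a naive "source MAC changed mid-connection" check with one that knows the local gateways. All MAC and IP addresses, the frame tuples, and the function names are constructed for illustration.

```python
# Constructed sample data: frames as seen on the server's NIC.
# Every address below is made up for this example.
ROUTER_A = "02:00:00:00:00:0a"
ROUTER_B = "02:00:00:00:00:0b"
UNKNOWN = "02:00:00:00:00:ff"
KNOWN_GATEWAYS = {ROUTER_A, ROUTER_B}

FLOW1 = ("198.51.100.7", 40022, "192.0.2.10", 22)
FLOW2 = ("203.0.113.5", 51515, "192.0.2.10", 22)

# (source MAC of the frame, then the TCP 4-tuple it carries)
FRAMES = [
    (ROUTER_A,) + FLOW1,
    (ROUTER_B,) + FLOW1,   # same connection, arrived via the other router
    (ROUTER_A,) + FLOW2,
    (ROUTER_A,) + FLOW1,
    (UNKNOWN,) + FLOW2,    # same connection, last hop is not a known router
    (ROUTER_B,) + FLOW1,
]


def mac_changes(frames):
    """Return (flow, old_mac, new_mac) for every frame whose source MAC
    differs from the previous frame of the same TCP 4-tuple."""
    last_mac = {}
    changes = []
    for frame in frames:
        mac, flow = frame[0], frame[1:]
        prev = last_mac.get(flow)
        if prev is not None and prev != mac:
            changes.append((flow, prev, mac))
        last_mac[flow] = mac
    return changes


def unexpected_changes(frames, gateways):
    """Keep only changes where the new last-hop MAC is not a known gateway."""
    return [c for c in mac_changes(frames) if c[2] not in gateways]


if __name__ == "__main__":
    print("naive check flags:", len(mac_changes(FRAMES)))
    for flow, old, new in unexpected_changes(FRAMES, KNOWN_GATEWAYS):
        print("unexpected last hop:", flow, old, "->", new)
```

The naive check fires on every alternation between the two routers; only the change to a MAC outside the known gateway set is left once the link's topology is taken into account.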


