Peter Clifton <pc...@cam.ac.uk> writes: > On Sun, 2011-02-20 at 10:36 +0100, Karl Hammar wrote: >> Peter Clifton: >> ... >> > generate, and setup .ssh/config with these lines: >> > >> > """ >> > Host git.gpleda.org >> > >> > Port 5022 >> > RSAAuthentication yes >> > IdentityFile ~/.ssh/keys/id_rsa.gpleda.org >> > """ >> ... >> >> Don't you know that protocol version 1 i vulnerable for a >> man-in-the-middle attack? > > No, I didn't know that. > > Does it require a different type of key to be generated and used, or > just removing that option to become secure again?
id_rsa is a version 2 key. The RSAAuthentication may be used for version 1 only, but that does not mean specifying it makes ssh to use version 1. Do "ssh -v git.gpleda.org" to see which version is used. Most default sshd installations do not permit protocol version 1. -- Stephan _______________________________________________ geda-user mailing list geda-user@moria.seul.org http://www.seul.org/cgi-bin/mailman/listinfo/geda-user