On Thu, Sep 04, 2003 at 10:48:55PM -0700, James A. Donald wrote:
>
> On 4 Sep 2003 at 7:56, Eric Murray wrote:
> > ..which means that it [ssh-- ericm] still requires an OOB authentication.
> > (or blindly typing 'yes' and ignoring the consequences). But
> > that's another subject.
>
> Not true. Think about what would happen if you tried a man in
> the middle attack on an SSH server.

you'd get the victim's session:

http://www.monkey.org/%7Edugsong/dsniff/

Abstract

dsniff is a collection of tools for network auditing and penetration
[..]
sshmitm and webmitm implement active monkey-in-the-middle attacks
against redirected SSH and HTTPS sessions by exploiting weak bindings
in ad-hoc PKI.

also see http://sysadmin.oreilly.com/news/silverman_1200.html
for discussion.
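
The out-of-band check discussed in this message, as an added example that is not part of the original e-mail: the client computes the OpenSSH-style SHA256 fingerprint of the host key it was offered and compares it with one obtained over a separate channel, instead of answering 'yes' to the prompt. The host name, the key bytes and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def make_sample_line(host: str, raw_key: bytes) -> str:
    """Build a constructed 'host keytype base64' line for an Ed25519 key."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw_key)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


def fingerprint(line: str) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of SHA-256(key blob)."""
    _host, keytype, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    # The blob names its own algorithm; reject a line whose label disagrees.
    if blob[4:4 + name_len] != keytype.encode():
        raise ValueError("key type in blob does not match the line")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(line: str, pinned: str) -> bool:
    """True only if the offered key hashes to the fingerprint received out of band."""
    return hmac.compare_digest(fingerprint(line).encode(), pinned.encode())


# Constructed sample data: the real server's key and a different key
# presented by something sitting between client and server.
SERVER_LINE = make_sample_line("server.example", bytes(range(32)))
INTERPOSED_LINE = make_sample_line("server.example", bytes(range(1, 33)))
# Stands in for the fingerprint the administrator supplied over another channel.
PINNED = fingerprint(SERVER_LINE)

if __name__ == "__main__":
    for label, line in (("genuine", SERVER_LINE), ("interposed", INTERPOSED_LINE)):
        verdict = "accept" if host_key_matches(line, PINNED) else "REJECT"
        print(f"{label:10s} {fingerprint(line)} -> {verdict}")
```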