On 26 July 2013 23:56, Andreas Krey <a.k...@gmx.de> wrote: > On Tue, 02 Jul 2013 23:42:20 +0000, Ximin Luo wrote: > ... >> What sort of PKI are you using to verify the pubkey claimed by either side, >> to >> prevent MitM? > > What for? The authentication happens in the next step, > within the OR/bridge protocol. In this case we just have > an additional layer of encryption around it.
I've always thought with SSH-based obsproxies, that you could distribute the SSH private key to connect to the server with the bridge IP address:port. Then, when a user connects to the bridge they use that SSH private key to login to SSH as normal (and then talk Tor, and authenticate the relay). If a scanner saw the connection and suspected it was Tor, they would try and connect, and be presented with the normal SSH login... which they couldn't complete because they don't know a valid username/password. They wouldn't be sure the server was running Tor then. If however the obsproxy accepted any SSH password/key, the scanner could successfully connect and determine it was running Tor. So I think the value of requiring a login a the SSH-based obsproxy is not for authentication but for scanning resistance. -tom _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
