[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AAARRRGGHHH! Re: OT: security of ssh/RSAAuthentication

To: misc@openbsd.org
Subject: AAARRRGGHHH! Re: OT: security of ssh/RSAAuthentication
From: Toni Mueller <openbsd-misc@oeko.net>
Date: Wed, 10 Jan 2001 15:04:53 +0100
Content-Disposition: inline
References: <20010110130845.11159.qmail@oak.oeko.net>
User-Agent: Mutt/1.2i

Well, I need to answer myself:

On Wed, Jan 10, 2001 at 02:08:45PM +0100, Toni Mueller wrote:
> When I use RSAAuthentication, how much more or less
> secure is this compared to using normal
> ssh -l loginname host?

Answer: Using RSAAuthentication is not more secure than
other ways because this demands the usage of protocol
version 1 which appears to have a small window that
allows anyone (in the proper position) to catch the
session and snoop on it (so far goes my reading of
man sshd). There could, of course, well be some kind
of domino effect once a host is cracked where users
have empty passphrases and RSAAuthentication on.

Best Regards,
--Toni, who types much faster than he thinks :( ++

Follow-Ups:
- Re: AAARRRGGHHH! Re: OT: security of ssh/RSAAuthentication
  - From: Markus Friedl <Markus.Friedl@informatik.uni-erlangen.de>
- Re: AAARRRGGHHH! Re: OT: security of ssh/RSAAuthentication
  - From: Sebastian Stark <seb@gosh.todesplanet.de>

References:
- OT: security of ssh/RSAAuthentication
  - From: Toni Mueller <openbsd-misc@oeko.net>

Prev by Date: Windows Me support under samba 2.0.7 on OpenBSD 2.8
Next by Date: RE: hak os stats
Prev by thread: Re: OT: security of ssh/RSAAuthentication
Next by thread: Re: AAARRRGGHHH! Re: OT: security of ssh/RSAAuthentication
Index(es):
- Date
- Thread