On Tue, 31 Jul 2001 alex@yuriev.com wrote:
so thats my main logic, authentication... i cant understand the big paranoia on people sniffing tho!
unfortunately ssh is just as sniffable if it's an arp spoof, but hopefully it's not as easy for the naughty eavesdropper to get into the right position for that....
Pardon for blowing your bubble but sniffing ssh keyexchange does not do you any good. The symmetric key is exchanged via a channel aready secured. The keys that is used to secure the channel used to exchange the symmetric key are exchanged via DH-based protocol. If you want to spend your time factoring primes for next 500 years to extract the key, you are more than welcome to try. It is crypto-101.
If you can arp spoof as indicated in the message you are replying to, you can perform a MTM attack which SSH offers only minimal security against (in the form of stored host keys that users often choose to ignore or not verify the fingerprint). Look to SRP for a MTM-less password authentication solution.