Hi,

I hope it's not against forum rules, at least it's not strict double posting ;-)
Could you please have a look at Verifying host authenticity (SSH) after logging in, over then accessible secure serial terminal thread and comment?
One note, it's not necessarily about serial terminal any more.

I'm asking here, because I know we have some smart people here that might not browse other categories.

Thanks in advance!

--
Best regards,
Andrzej Telszewski

I assume you've reproduced with current ssh/ssl?

Hi,

What do you mean? What was I about to reproduce?

--
Best regards,
Andrzej Telszewski

Is the MITM vector still valid after 6 years of ssh/ssl changes? If I'm decrypting real time, can I not see the cat also?

Cheers,

Hi,
That would require some investigation.
I haven't paid attention to the article date.
But I assume if it wasn't possible then, it's not possible now ;-)
Based on the article, I understand that the attacker is not able to be in the middle between you and the real server.
He is simply not able to reuse your private key information, i.e. he allows you to connect to the fake server, but he cannot read the private key details required to connect him to the real server and be in the middle.
But he is still able to read all the traffic, including passwords.
He can also return whichever data he likes.

Now, if I know some secret on the real machine and I execute cat and I read the expected value, I know it's the real machine, because there cannot be anybody in the middle knowing the secret.
But if I read something else or the secret does not exist (e.g. the file does not exist) then I know I'm connected to the attacker's server.

Now, am I correct in my thinking?

--
Best regards,
Andrzej Telszewski

Hi,

Satisfactory answers have been posted in the original thread.
Marking this one as solved.

--
Best regards,
Andrzej Telszewski