Hi,
Quote:
Originally Posted by lazardo
Is the MITM vector still valid after 6 years of ssh/ssl changes?
|
That would require some investigation.
I haven't paid attention to the article date.
But I assume if it wasn't possible then, it's not possible now ;-)
Quote:
Originally Posted by lazardo
If I'm decrypting real time, can I not see the cat also?
|
Based on the article, I understand that the attacker is not able to be in the middle between you and the real server.
He is simply not able to reuse your private key information, i.e. he allows you to connect to the fake server, but he cannot read the private key details required to connect him to the real server and be in the middle.
But he is still able to read all the traffic, including passwords.
He can also return whichever data he likes.
Now, if I know some secret on the real machine and I execute
cat and I read the expected value, I know it's the real machine, because there cannot be anybody in the middle knowing the secret.
But if I read something else or the secret does not exist (e.g. the file does not exist) then I know I'm connected to the attacker's server.
Now, am I correct in my thinking?
--
Best regards,
Andrzej Telszewski