From: Ralf Baechle DL5RB <ralf@linux-mips.org>
To: Bill - WA7NWP <wa7nwp@jnos.org>
Cc: linux-hams@vger.kernel.org
Subject: Re: SSH and the NONE option - more
Date: Mon, 1 Aug 2005 12:34:18 +0100
Message-ID: <20050801113417.GD4205@linux-mips.org>
In-Reply-To: <42EAD85D.3010107@jnos.org>

On Fri, Jul 29, 2005 at 06:31:09PM -0700, Bill - WA7NWP wrote:

> Suppose I captured all the packets of a SSH encrypted exchange.   Would 
> it be possible to decode the contents of the exchange IF one had both 
> the public and private keys?
> 
> If so, then we hams should be able to use SSH for amateur radio 
> operations as long as we publish the keys - no?

ssh uses the Diffie-Hellman algorithm to exchange randomly generated
session keys.  These keys are generated on the fly and destroyed at the
end of the session or replaced after a certain time with new keys.  The
special property of the Diffie-Hellman algorithm is that it permits the
secure exchange of the session keys even if the session is being eavesdropped
upon.  Diffie-Hellman is vulnerable to a man-in-the-middle attack
however, so the data packets used in the key exchange are secured against
this kind of attack using public key cryptography.  The bottom line of
all this is no, publishing the RSA or DSA public keys is useless as they're
not being used for cryptography nor can their knowledge be used to
decrypt anything.  Ssh is a pretty smart protocol :-)

  Ralf
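
The exchange described in the message above, as an added example that is not part of the original mail or of any ssh implementation: an ephemeral Diffie-Hellman exchange whose transcript is signed with a long-term host key. The group, the textbook RSA key and the simplified exchange hash are toy values constructed for illustration and are far too weak for real use.

```python
import hashlib
import secrets

# Toy parameters constructed for this example only.
P = 2**521 - 1                          # Mersenne prime used as DH modulus
G = 3
RSA_P, RSA_Q = 2**127 - 1, 2**107 - 1   # two Mersenne primes
N, E = RSA_P * RSA_Q, 65537             # host public key
D = pow(E, -1, (RSA_P - 1) * (RSA_Q - 1))   # host private exponent


def exchange_hash(client_pub, server_pub, shared):
    """Simplified hash binding both DH public values and the shared secret."""
    data = b"|".join(str(v).encode() for v in (client_pub, server_pub, shared))
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(h):
    """Server side: the host private key signs the exchange hash."""
    return pow(h, D, N)


def verify(h, sig):
    """Client side: the host public key checks the signature."""
    return pow(sig, E, N) == h


def session_key(shared):
    """Session key derived from the DH secret; no host key material enters."""
    return hashlib.sha256(str(shared).encode()).hexdigest()


def run_session(tamper=False):
    """One key exchange. Returns (client_key, server_key, signature_ok)."""
    a = secrets.randbelow(P - 3) + 2    # client ephemeral secret, discarded
    b = secrets.randbelow(P - 3) + 2    # server ephemeral secret, discarded
    client_pub, server_pub = pow(G, a, P), pow(G, b, P)

    server_shared = pow(client_pub, b, P)
    sig = sign(exchange_hash(client_pub, server_pub, server_shared))

    if tamper:                          # server value altered in transit
        server_pub = pow(G, secrets.randbelow(P - 3) + 2, P)

    client_shared = pow(server_pub, a, P)
    ok = verify(exchange_hash(client_pub, server_pub, client_shared), sig)
    return session_key(client_shared), session_key(server_shared), ok
```

Two runs against the same host key yield unrelated session keys, and a DH value altered in transit makes the client's signature check fail.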
