Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: telnet vs ssh on Core equipment , looking for reasons why ?

  • From: fingers
  • Date: Tue Jul 31 11:39:51 2001

Hi

> Pardon for blowing your bubble but sniffing ssh keyexchange does not do you
> any good. The symmetric key is exchanged via a channel aready secured. The
> keys that is used to secure the channel used to exchange the symmetric key
> are exchanged via DH-based protocol. If you want to spend your time
> factoring primes for next 500 years to extract the key, you are more than
> welcome to try. It is crypto-101.

ssh1 keys can be sniffed easily enough with things like ettercap and the
like. Last I checked, it couldn't do ssh2, dunno what the status is
now....

--Rob





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.