Crypto and UI issues

[Damien Miller]

David Mercer wrote:

> And my appologies to Ben Laurie and friends, but why after all these
> years is the UI interaction in ssh almost exactly the same when
> accepting a key for the first time as overriding using a different one
> when it changed on the other end, whether from mitm or just a
> key/IP/hostname change?

Untrue, something which a moment's checking would have revealed.

A brand new key requires user acceptance:

> The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
> RSA key fingerprint is f2:42:df:b2:6e:1b:8a:ac:96:27:6d:8c:b9:e6:93:a1.
> No matching host key fingerprint found in DNS.
> Are you sure you want to continue connecting (yes/no)? no
> Host key verification failed.

A changed host key (a much more risky situation) forces the user to
manually remove the old key, hopefully forcing them to think about the
consequences:

> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that the RSA host key has just been changed.
> The fingerprint for the RSA key sent by the remote host is
> f2:42:df:b2:6e:1b:8a:ac:96:27:6d:8c:b9:e6:93:a1.
> Please contact your system administrator.
> Add correct host key in /home/djm/.ssh/known_hosts to get rid of this message.
> Offending key in /home/djm/.ssh/known_hosts:209
> RSA host key for 127.0.0.1 has changed and you have requested strict checking.
> Host key verification failed.

-d

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com