146 lines
2.7 KiB
HTML
146 lines
2.7 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Security considerations</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
|
|
"><LINK
|
|
REL="HOME"
|
|
TITLE="Encrypted Tunnels using SSH and MindTerm HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="MindTerm over the web"
|
|
HREF="mindterm-web.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Conclusion"
|
|
HREF="conclusion.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Encrypted Tunnels using SSH and MindTerm HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="mindterm-web.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
></TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="conclusion.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="SECURITY"
|
|
>7. Security considerations</A
|
|
></H1
|
|
><P
|
|
>When an ssh session starts, the public-keys are being sent over an insecure connection until the
|
|
authentication process is established.. This allows a person to intercept an ssh session and place their
|
|
own public key in the connection process. SSH is designed to warn the user if a public-key has changed
|
|
from what exists in their known_host file. The warning that is given is quite noticeable and ssh will
|
|
drop the connection if the public keys are different, but user's may still trust the certificate because
|
|
they may think that their company has changed the server's public key. This kind of attack isn't
|
|
difficult because the dsniff package mentioned earlier contains the tools to perform it. This attack is
|
|
more commonly called a <EM
|
|
>"man-in-the-middle attack" (The End of SSL and SSH)</EM
|
|
>.</P
|
|
><P
|
|
>A temporary and easy fix for this is to first teach the user's how to recognize the signs that the host
|
|
key has changed and what to do to get the proper host(s) public key. Second, post the public key for the
|
|
ssh server(s) on a website, ftp server, or distribute it some other way so that users have access to it at
|
|
all times.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="mindterm-web.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="conclusion.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>MindTerm over the web</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Conclusion</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |