FAS and public Key auth
Till Maas
opensource at till.name
Thu May 22 20:28:35 UTC 2008
On Thu May 22 2008, Mike McGrath wrote:
> So what you're saying is it is impossible to do a man in the middle attack
> with OpenSSH (assuming the host keys of the server haven't been
> compromised) ?
I am saying that the information an attackers gets when a user logs in with
public-key authentication to a server under the attackers control is not
enough to allow the attacker to login into another machine the user can login
to.
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20080522/4f0ea1d1/attachment.sig>
More information about the Fedora-infrastructure-list
mailing list