spoof rsa fingerprint
Mikkel
mikkel at infinity-ltd.com
Sun Nov 15 01:38:24 UTC 2009
Eugeneapolinary Ju wrote:
> When I first log in to my router [192.168.1.1] through ssh, it says:
>
> The authenticity of host 'XXXX.XX (192.168.1.1)' can't be established.
> RSA key fingerprint is 51:c6:d1:7a:45:c4:74:3e:31:ee:3a:5a:2d:e1:bf:74.
> Are you sure you want to continue connecting (yes/no)?
>
> that's OK [it gets stored in the known_hosts file, on my client machine].
>
> But:
>
> what happens, if someone turns off my router, then installs a pc
> with ip 192.168.1.1?
>
> And! - it spoofs _the same rsa fingerprint_, that was on my router.
>
> Then, when I want to log in to 192.168.1.1, I will type my
> password, and it will stole my password...
>
>
> So the question is:
>
> Could that be possible, to spoof the rsa_fingerprint? [because
> the router say's the fingerprint when first logging in to it, etc..so
> could that be spoofed?]
>
Only if they can get a copy of the host's private key. When the host
is added to the known_hosts file, what you are really adding it the
hosts public key. This is used to exchange encrypted messages
between the two computers to establish that the server you are
connecting to is the server it says it is. This can not be done if
you do not have the server's public key.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20091114/e5b20b73/attachment-0001.sig>
More information about the fedora-list
mailing list