telnet vs ssh on Core equipment , looking for reasons why ?
alex at yuriev.com
alex at yuriev.com
Tue Jul 31 14:41:59 UTC 2001
> > > so thats my main logic, authentication... i cant understand the big
> > > paranoia on people sniffing tho!
> >
> > unfortunately ssh is just as sniffable if it's an arp spoof, but hopefully
> > it's not as easy for the naughty eavesdropper to get into the right
> > position for that....
Pardon for blowing your bubble but sniffing ssh keyexchange does not do you
any good. The symmetric key is exchanged via a channel aready secured. The
keys that is used to secure the channel used to exchange the symmetric key
are exchanged via DH-based protocol. If you want to spend your time
factoring primes for next 500 years to extract the key, you are more than
welcome to try. It is crypto-101.
Alex
More information about the NANOG
mailing list