[prev in list] [next in list] [prev in thread] [next in thread]
List: freenx-knx
Subject: Re: AW: [FreeNX-kNX] Alioth projekt for FreeNX debian packages
From: Paul van der Vlis <paul () vandervlis ! nl>
Date: 2005-06-15 9:17:33
Message-ID: 42AFF22D.3070003 () vandervlis ! nl
[Download RAW message or body]
Felix Schumacher schreef:
> Hi all,
>
> if "nxsetup --setup-nomachine-key" installs a pre-computed ssh private
> key
> for use with the secure channel. I believe anyone could intercept this
> secure
> Channel with a "man in the middle" attack. And get the clear-text
> passwords
> for the user, which are sent over the (than not so) secure channel.
No, I think the user will get a warning, because the host-key is
different in such a case. Something like:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
70:52:98:af:3b:70:df:4d:e1:1d:ff:6c:1b:ef:45:20.
Please contact your system administrator.
Add correct host key in /home/paul/.ssh/known_hosts to get rid of this
message.
Offending key in /home/paul/.ssh/known_hosts:93
RSA host key for machine.domain.nl has changed and you have requested
strict checking.
Host key verification failed.
With regards,
Paul van der Vlis.
_______________________________________________
FreeNX-kNX mailing list
FreeNX-kNX@kde.org
https://mail.kde.org/mailman/listinfo/freenx-knx
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic