spoof rsa fingerprint
Wolfgang S. Rupprecht
wolfgang.rupprecht at gmail.com
Tue Nov 17 21:37:30 UTC 2009
> In the scenario that the OP hypothesized, yes, spoofing the
> fingerprint would help the attacker. A user who attempted to ssh to
> the router would not be warned that the host had changed and would
> submit their password to a rogue host.
>
> In answer to the original question, though, spoofing the fingerprint
> would be extraordinarily difficult.
I don't see any fingerprints stored in /etc/ssh/ssh_known_hosts or the
user's equivalent ~/.ssh/known_hosts, these are the actual public half
of the RSA keys. Spoofing these means breaking RSA and generating the
corresponding private pair. If someone could do this, I doubt they
would waste their talents on logging in to some poor schmuck's Fedora
box. There are much jucier and lucrative targets.
-wolfgang
--
Wolfgang S. Rupprecht
If the airwaves belong to the public why does the public only get 3
non-overlapping WIFI channels?
More information about the fedora-list
mailing list