Is ssh not safe?
Joel Jaeggli
joelja at darkwing.uoregon.edu
Sat Jul 24 18:56:03 UTC 2004
On Sat, 24 Jul 2004, Jason Costomiris wrote:
>
> On Jul 24, 2004, at 2:04 PM, Edwin Dicker wrote:
>
>> I think SSH is safe enough with its encryption. (Of course everything can
>> eventually be cracked.)
>
> The problem with your statement is that there's not a single key in use all
> the time. Certainly an individual key can be broken given enough time to
> brute force it. Of course, by the time the would-be attacker has done that,
> your session has most likely been closed for days, and even still, either end
> of the connection can request re-keying of the session key periodically.

The symmetric key algorithms used in ssh (and most other applications that
use symmetric keys for encryption), IDEA, Blowfish, AES and others, are
believed to be very, very strong... the weakest point in the whole link is
key exchange, and specifically m-i-t-m attacks aimed at the connection
setup. Worrying about the stream being brute-force-decrypted in something
like real time (even if you were using des-56) isn't realistic, and there
is much lower-hanging fruit, like mitm or just subverting the machine on
either end of the connection...
>
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja at darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
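
An added example, not part of the original message: since the reply names man-in-the-middle at connection setup as the weak point, this sketch shows the client-side check that catches it, comparing a presented host key against plain (unhashed) known_hosts entries. The host names, addresses and key material are constructed, and `check_host` and the other function names are hypothetical, not OpenSSH's own code.

```python
import base64, hashlib, hmac, struct

def _ssh_string(data: bytes) -> bytes:
    # SSH wire format: 4-byte big-endian length, then the bytes
    return struct.pack(">I", len(data)) + data

def sample_key_line(key_bytes: bytes) -> str:
    # Constructed ed25519 public key line with dummy key material (not a real host)
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(key_bytes)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed"

def fingerprint(key_line: str) -> str:
    """SHA256 fingerprint of an 'algo base64 [comment]' public key line."""
    fields = key_line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    blob = base64.b64decode(fields[1], validate=True)
    name_len = int.from_bytes(blob[:4], "big")
    # The algorithm name embedded in the blob must agree with the text prefix
    if len(blob) < 4 or blob[4:4 + name_len] != fields[0].encode():
        raise ValueError("algorithm name does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(known_hosts_text: str, host: str, presented_line: str) -> str:
    """Return 'match', 'changed' (possible MITM or rekeyed host) or 'unknown'."""
    algo = presented_line.split()[0]
    presented = fingerprint(presented_line).encode()
    seen = False
    for raw in known_hosts_text.splitlines():
        raw = raw.strip()
        if not raw or raw[0] in "#@|":  # comments, markers, hashed hosts: out of scope
            continue
        hosts, _, key_line = raw.partition(" ")
        if host not in hosts.split(",") or key_line.split()[:1] != [algo]:
            continue
        seen = True
        if hmac.compare_digest(fingerprint(key_line).encode(), presented):
            return "match"
    return "changed" if seen else "unknown"

# Constructed sample data: one recorded host, one substituted key
GOOD = sample_key_line(bytes(range(32)))
SPOOFED = sample_key_line(bytes(32))
KNOWN_HOSTS = "# constructed entry\nserver.example.test,192.0.2.10 " + GOOD + "\n"

if __name__ == "__main__":
    for name, key in (("server.example.test", GOOD),
                      ("server.example.test", SPOOFED),
                      ("new.example.test", GOOD)):
        print(name, fingerprint(key), check_host(KNOWN_HOSTS, name, key))
```

The 'unknown' result is the first-connection case, where the fingerprint has to be confirmed through some other channel before the key is recorded.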
More information about the fedora-list
mailing list