From 3ed6640532ea53bc37182262141c9e917a448025 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Thu, 1 Aug 2002 01:21:56 +0000 Subject: - markus@cvs.openbsd.org 2002/07/24 16:11:18 [hostfile.c hostfile.h sshconnect.c] print out all known keys for a host if we get a unknown host key, see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 the ssharp mitm tool attacks users in a similar way, so i'd like to pointed out again: A MITM attack is always possible if the ssh client prints: The authenticity of host 'bla' can't be established. (protocol version 2 with pubkey authentication allows you to detect MITM attacks) --- ChangeLog | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index d53270d4e..546671bf0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,17 @@ +20020731 + - (bal) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/07/24 16:11:18 + [hostfile.c hostfile.h sshconnect.c] + print out all known keys for a host if we get a unknown host key, + see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4 + + the ssharp mitm tool attacks users in a similar way, so i'd like to + pointed out again: + A MITM attack is always possible if the ssh client prints: + The authenticity of host 'bla' can't be established. + (protocol version 2 with pubkey authentication allows you to detect + MITM attacks) + 20020730 - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de @@ -1465,4 +1479,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2409 2002/07/30 19:32:07 mouring Exp $ +$Id: ChangeLog,v 1.2410 2002/08/01 01:21:56 mouring Exp $ -- cgit v1.2.3