Richard Kettlewell <invalid@invalid.invalid> gabbled:
boltar@caprica.universe writes:Richard Kettlewell <invalid@invalid.invalid> gabbled:>boltar@caprica.universe writes:>cross@spitfire.i.gajendra.net (Dan Cross) gabbled:><boltar@caprica.universe> wrote:>On Thu, 16 Apr 2026 20:29:37 +0100>
A hacked version of ssh could save or forward everything it
receives.
Not if it can't read the host key because it doesn't have
permissions to open the file the key is stored in, and so it
Why wouldn't it have permissions if a user has set up the whole
thing?
Non-root users can’t read the legitimate host key:
Why would the hacked server need to?
The point is that your hacked server is not going to be using the
legitimate host key.
And why would there be a legitimate host key in the first place? You're
assuming there was a legitimate version of sshd running there beforehand
which clients had connected to.
How can it have changed if the only sshd running was the one the hacker>
set up?
Largely already discussed in <wwvo6jh1cfw.fsf@LkoBDZeT.terraraq.uk>, but
in brief, if the client doesn’t already trust the key then the user gets
told that the key is unknown, and if it does then the user has at some
point in the past chosen to trust that key (or a CA that signed it).
Yes, we all know this. And? No one when first connecting to an sshd goes
to google the key to see if its valid, they type "yes" and carry on.
Les messages affichés proviennent d'usenet.