[Secure-testing-team] Bug#481853: [openssh-client] "ssh-vulnkey -a" does not see the weak keys of the user
Anthony DeRobertis
anthony at derobert.net
Mon May 19 14:40:18 UTC 2008

On Mon, May 19, 2008 at 09:58:20AM +0100, Dominic Hargreaves wrote:
> Deleting a known_hosts file containing weak keys will not gain you any
> security (rather, it'll lose you security unless you rigorously check
> all the fingerprints of the host keys that used to be stored there).

Correct me if I'm wrong, but there really isn't much of a security
difference between just saying "yes" to the prompt and trusting the weak
key to verify the host. Well, other than that when you say "yes", at
least you know that you're trusting w/o any verification.

I'd suggest that OpenSSH should refuse to connect to a host with a
compromised host key. Or at least put up a message no less scary than
the man-in-the-middle one.