Penetration Testing mailing list archives
Re: How to decrypt a connection SSH v2?
From: "Paul Melson" <pmelson () gmail com>
Date: Thu, 10 Jul 2008 00:00:47 -0400
On Wed, Jul 9, 2008 at 10:05 PM, Ulises2k <ulises2k () gmail com> wrote:
Hi, How to decrypt a connection SSH v2? I have the private and public keys. I have all sesion sniffed.
I'm afraid that's not enough. SSH implements forward secrecy [1], which means that the server uses temporary (or ephemeral) keys to encrypt the session traffic. Having the the private key doesn't give you the ability to reverse the ephemeral keys and actually decrypt session data. PaulM [1] http://en.wikipedia.org/wiki/Perfect_forward_secrecy ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- How to decrypt a connection SSH v2? Ulises2k (Jul 09)
- Re: How to decrypt a connection SSH v2? Paul Melson (Jul 09)
- Re: How to decrypt a connection SSH v2? Ulises2k (Jul 10)
- Re: How to decrypt a connection SSH v2? Tim (Jul 10)
- Re: How to decrypt a connection SSH v2? Jimmy Brokaw (Jul 12)
- Re: How to decrypt a connection SSH v2? Ulises2k (Jul 10)
- Re: How to decrypt a connection SSH v2? Gary E. Miller (Jul 10)
- RE: How to decrypt a connection SSH v2? Paul Melson (Jul 10)
- RE: How to decrypt a connection SSH v2? Gary E. Miller (Jul 10)
- Re: How to decrypt a connection SSH v2? Ulises2k (Jul 10)
- Re: How to decrypt a connection SSH v2? Paul Melson (Jul 09)
- Re: How to decrypt a connection SSH v2? Tim (Jul 10)
- <Possible follow-ups>
- RE: How to decrypt a connection SSH v2? Gary E. Miller (Jul 10)
- Message not available
- Re: How to decrypt a connection SSH v2? Ulises2k (Jul 13)
- Message not available