begin xsprite quotation:
on Fri, Aug 24, 2001 at 10:35:49AM +0100, Sean Neakums scribbled:
begin MJ Ray quotation:
802.11? Airsnort!
ssh, stunnel, ipsec...
ssh: mitm, key stroke analysis (which seems to have been "discovered" lately but I thought it was obvious to anyone sitting down with tcpdump and an ethernet with ssh...)
Man in the middle is a problem only if you do not have the host key fingerprints for the hosts you plan to use. As you note later on in your post, this is a chicken and egg problem common to systems of this nature, but not a flaw inherent in SSH.
The problem with certificate based approaches is that in order to be relatively certain of the peer's identity a second secure channel of communication is necessary to transmit the public certificates, otherwise, mitm is easy. And since you are trying to establish a secure channel, this makes it a chicken and egg problem.
Sure. The only way to safely communicate host key fingerprints is either in person or via PGP-signed[0] mail where the keys' authenticity has been established to an acceptable (to the parties involved) degree through signatures on the PGP keys used.
My main point, which I did not express explicitly, is that it is not the responsibility of the data link layer to make communications on that medium secure.
[0] PGP as in "any encryption system complying with the OpenPGP specification", if you prefer. I myself use GnuPG.
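
The host key fingerprint check discussed in this message, as an added example that is not part of the original post: it derives the fingerprint from a public key line and compares it with one received out of band (in person or in signed mail). The key material, the comment field and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def constructed_blob(key_bytes):
    """Build an ssh-ed25519 wire-format blob from placeholder bytes (not a real key)."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(key_bytes)) + key_bytes

def pubkey_line(blob, comment="host.example"):
    """Render a blob as a 'type base64 comment' public key line."""
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment

def parse_pubkey_line(line):
    """Return (key_type, blob); reject lines whose label disagrees with the blob."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected 'type base64 [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type label does not match key blob")
    return key_type, blob

def fingerprints(blob):
    """Fingerprints in the two textual forms OpenSSH prints: SHA256 and legacy MD5."""
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    md5 = ":".join(md5[i:i + 2] for i in range(0, len(md5), 2))
    return {"sha256": "SHA256:" + sha, "md5": "MD5:" + md5}

def matches_trusted(line, trusted_fp):
    """True only if the presented key hashes to the fingerprint obtained out of band."""
    _, blob = parse_pubkey_line(line)
    return any(hmac.compare_digest(fp, trusted_fp) for fp in fingerprints(blob).values())

# Constructed sample data: a placeholder key and the line a server would present.
SAMPLE_BLOB = constructed_blob(bytes(range(32)))
SAMPLE_LINE = pubkey_line(SAMPLE_BLOB)

if __name__ == "__main__":
    trusted = fingerprints(SAMPLE_BLOB)["sha256"]   # stands in for the value sent via signed mail
    substituted = pubkey_line(constructed_blob(bytes(32)))  # a different key on the wire
    print("presented key accepted:", matches_trusted(SAMPLE_LINE, trusted))
    print("substituted key accepted:", matches_trusted(substituted, trusted))
```
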