on Fri, Aug 24, 2001 at 12:50:16PM +0100, Sean Neakums scribbled:
Man in the middle is a problem only if you do not have the host key fingerprints for the hosts you plan to use. As you note later on in your post, this is a chicken and egg problem common to systems of this nature, but not a flaw inherent in SSH.
True, but with ssh you are interacting with the user who is not always aware of what those "weird error messages" mean. Making it semantical (or whatever the word is :)
Sure. The only way to safely communicate host key fingerprints is either in person or via PGP-signed[0] mail where the keys' authenticity has been established to an acceptable (to the parties involved) degree through signatures on the PGP keys used.
Yep, I've yet to see this implemented in any ssh implementation? gpg/openssh integration would be nice. Or just keys stored in openpgp format. gpg --recv-keys to obtain host keys would be interesting.
My main point, which I did not express explicitly, is that it is not the responsibility of the data link layer to make communications on that medium secure.
Yes. The transport or session layer is far more apt and more flexible.
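
As an added illustration of the fingerprint check this thread discusses (not part of the original mail and not code from any SSH implementation): the Python sketch below computes the fingerprint of a host key line and compares it with one obtained out of band, for example from PGP-signed mail. The key material, host names and function names are constructed for the example.

```python
import base64
import hashlib
import hmac
import struct

def _ssh_string(data):
    """Encode bytes as an SSH wire-format string (4-byte big-endian length + data)."""
    return struct.pack(">I", len(data)) + data

def parse_pubkey_line(line):
    """Return (key_type, blob) from an OpenSSH public-key line '<type> <base64> [comment]'."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the line was mangled or edited.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return key_type, blob

def fingerprints(blob):
    """Fingerprints of a key blob in the two formats ssh-keygen -l can print."""
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    md5 = ":".join(md5[i:i + 2] for i in range(0, len(md5), 2))
    return {"SHA256": "SHA256:" + sha, "MD5": "MD5:" + md5}

def matches_trusted(line, trusted_fp):
    """True only if the offered key hashes to the fingerprint received out of band."""
    _, blob = parse_pubkey_line(line)
    candidate = fingerprints(blob).get(trusted_fp.split(":", 1)[0])
    if candidate is None:
        return False  # unknown fingerprint format: refuse rather than guess
    return hmac.compare_digest(candidate.encode(), trusted_fp.encode())

# Constructed sample data: two fake ed25519-shaped blobs, not real keys.
SAMPLE_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
OTHER_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(1, 33)))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " host.example"
OTHER_LINE = "ssh-ed25519 " + base64.b64encode(OTHER_BLOB).decode() + " host.example"

if __name__ == "__main__":
    trusted = fingerprints(SAMPLE_BLOB)["SHA256"]  # stands in for the signed-mail value
    print("expected key :", matches_trusted(SAMPLE_LINE, trusted))
    print("different key:", matches_trusted(OTHER_LINE, trusted))
```

The comparison is only as trustworthy as the channel the fingerprint arrived on, which is the chicken and egg problem raised at the top of the thread.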