-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yo Paul
On Thu, 10 Jul 2008, Paul Melson wrote:
> On Wed, Jul 9, 2008 at 10:05 PM, Ulises2k <ulises2k_at_gmail.com> wrote:
> > How to decrypt a connection SSH v2?
> > I have the private and public keys.
> > I have all sesion sniffed.
>
> I'm afraid that's not enough. SSH implements forward secrecy [1],
- From your wikipedia reference:
"In an authenticated key-agreement protocol that uses public key
cryptography, perfect forward secrecy (or PFS) is the property
that ensures that a session key derived from a set of long-term
public and private keys will not be compromised if one of the
private keys is compromised in the future."
I assume if the attacker has the public and private keys from not just
one, but both ends, that PFS is not an obstacle.
RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
gem_at_rellim.com Tel:+1(541)382-8588
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFIdiKo8KZibdeR3qURAtBXAKCKtVv1QcGyR5KRX+xClbcPqpy+UwCg8cQe
TVJP26xHZEzt4ipvGkGlK44=
=DWLn
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on Jul 10 2008
Intro
