Network Security: Detailed info on Re: Decrypting an ssh session knowing the private key?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: Decrypting an ssh session knowing the private key?

from [Mark Senior] Network Security

[Permanent Link]

Subject:	Re: Decrypting an ssh session knowing the private key?
Date:	Fri, 6 Oct 2006 12:03:57 -0600

I would like to write a program that could deycrypt ssh communication
by using the private key of the server computer. This should be

possable right?

I don't believe that is the case.  SSH uses its private key only to
certify its identity to the client.  So knowing the private key lets
you do a monkey in the middle attack, but not to decrypt a captured
stream.

Keying material is derived using the Diffie-Hellman algorithm, which
uses randomly generated secrets at both ends.  You'd have to know the
transient Diffie-Hellman secret used by either the server or client.

Regards
Mark

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Decrypting an ssh session knowing the private key?, Jeff Sadowski Re: Decrypting an ssh session knowing the private key?, Christian Grunfeld Re: Decrypting an ssh session knowing the private key?, Mark Senior <= RE: Decrypting an ssh session knowing the private key?, Patrick Morris Re: Decrypting an ssh session knowing the private key?, Giancarlo Razzolini

Previous by Date:	Re: Decrypting an ssh session knowing the private key?, Christian Grunfeld
Next by Date:	RE: Decrypting an ssh session knowing the private key?, Patrick Morris
Previous by Thread:	Re: Decrypting an ssh session knowing the private key?, Christian Grunfeld
Next by Thread:	RE: Decrypting an ssh session knowing the private key?, Patrick Morris
Indexes:	[Date] [Thread] [Top] [All Lists]