Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to decrypt a connection SSH v2?

From: Ulises2k <ulises2k () gmail com>
Date: Thu, 10 Jul 2008 11:14:10 -0300
But I have all session sniffed.(tcpdump)
No only private and public keys.
Can I decrypt the session?

--
Ulises U. Cuñé
Web: http://www.ulises2k.com.ar


On Thu, Jul 10, 2008 at 01:00, Paul Melson <pmelson () gmail com> wrote:

On Wed, Jul 9, 2008 at 10:05 PM, Ulises2k <ulises2k () gmail com> wrote:

Hi,
How to decrypt a connection SSH v2?

I have the private and public keys.

I have all sesion sniffed.


I'm afraid that's not enough.  SSH implements forward secrecy [1],
which means that the server uses temporary (or ephemeral) keys to
encrypt the session traffic.  Having the the private key doesn't give
you the ability to reverse the ephemeral keys and actually decrypt
session data.

PaulM

[1] http://en.wikipedia.org/wiki/Perfect_forward_secrecy



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: