[tor-talk] Anecdotical experience of SSH MITM
carlo von lynX
lynX at time.to.get.psyced.org
Sat Jul 15 11:33:52 UTC 2017
Hi, I report an experience I seem to have made.
In recent weeks I was occasionally prompted with
a wrong SSH key for my server, like this:
RSA key fingerprint is SHA256:DcXN8UTcDaCz7N1BoUXc9H8yUAs4gxiy37Y1+BDIhUU.
Today I was fast enough to look up the stream
list, using remotor:
2602 SUCCEEDED 1183 [destination-host-scrapped]:2222
Yes, the intervention happened on a non-standard
ssh port. I looked up the circuit in the circuit
status list (the "1183"):
1183 BUILT [entry-guard-scrapped],jaures3,coriandolino c
To ensure the circuit hadn't changed while I looked it
up, I tried connecting again, resulting in the same false
certificate prompt.
Next I hit 'new identity' and was able to log in without
disruptions over some other friendly exit node.
Thank you for your attention in the matter.
Make your own deductions.
--
E-mail is public! Talk to me in private using encryption:
http://loupsycedyglgamf.onion/LynX/
irc://loupsycedyglgamf.onion:67/lynX
https://psyced.org:34443/LynX/
More information about the tor-talk
mailing list