undefined | Better HN

0 pointsflumpcakes1mo ago0 comments

> Couldn’t the MITM ssh server just forward the client’s fingerprint to the legitimate server?

Fingerprints are derived from the certificates/private keys. Unless I don't understand some basic crypto, or SSH works in some obtuse way, I do not think it would be possible for the MITM attacker to present the server with the true client's fingerprint unless they also had had the client's private key.

0 comments

3 comments · 3 top-level

Groxx1mo ago

To try to add some explanation here: the server doesn't send the fingerprint. The server sends the public key, your computer just shows a fingerprint because it's more human-friendly and sufficiently secure.

If they forward the real key, so it matches the fingerprint, and you use it, they can't MITM the request because they can't read the contents.

MaxBarraclough1mo ago

> Fingerprints are derived from the certificates/private keys

SSH fingerprints are derived from the public key. https://superuser.com/a/453022

hnlmorg1mo ago

Ah thanks for the explanation. It’s been a long long time since I’ve delved this deeply into the topic.

j / k navigate · click thread line to collapse