O'Reilly.com: dsniff and SSH - Reports of My Demise are Greatly ExaggeratedDec 24, 2000, 21:15 (0 Talkback[s])
(Other stories by Richard E. Silverman)
"On 17 December 2000, Dug Song released a new version of his well-known package of network sniffing tools, dsniff. The new release includes a tool named "sshmitm," which performs a man-in-the-middle attack (MITM) on the SSH-1 protocol."
"The following day, Kurt Seifried wrote an article titled The End of SSL and SSH? The article has generated a fair amount of discussion and buzz, not least because of its dire-sounding title. And there are certainly important implications to the appearance of sshmitm. Seifried's piece, however, contains several factual errors and misleading statements in discussing the details of SSH (secure shell), SSL (secure sockets layer), and MITM. This is unfortunate, since these shortcomings blur the essential message, which is valid and important to get out. This article attempts to correct some of those mistakes, and to clarify the issues involved."
"The MITM is not a new idea; it is a well-known general method of attack against authentication and key-exchange protocols. SSH includes mandatory server authentication specifically to thwart MITM. Naturally, this relies on the ability of the client to verify the claimed association between the server's public key and the identity of the server host. In an SSH session, the server hands the client a public key, then proceeds to prove that it has access to the corresponding private key. All well and good, but the server could have simply generated a brand-new key pair and done the same thing. For this transaction to be meaningful, the client must independently verify that this particular public key identifies the host that the client originally intended to contact. Solving this "key-distribution problem" is a necessary part of public-key authentication techniques."