O'Reilly.com: dsniff and SSH - Reports of My Demise are Greatly Exaggerated | Linux Today

O’Reilly.com: dsniff and SSH – Reports of My Demise are Greatly Exaggerated

Written By
Web Webster
Web Webster
Dec 24, 2000

“On 17 December 2000, Dug Song released a new version of his
well-known package of network sniffing tools, dsniff. The new
release includes a tool named “sshmitm,” which performs a
man-in-the-middle attack (MITM) on the SSH-1 protocol.”

“The following day, Kurt Seifried wrote an article titled The
End of SSL and SSH? The article has generated a fair amount of
discussion and buzz, not least because of its dire-sounding title.
And there are certainly important implications to the appearance of
sshmitm. Seifried’s piece, however, contains several factual errors
and misleading statements in discussing the details of SSH (secure
shell), SSL (secure sockets layer), and MITM. This is unfortunate,
since these shortcomings blur the essential message, which is valid
and important to get out. This article attempts to correct some of
those mistakes, and to clarify the issues involved.”

“The MITM is not a new idea; it is a well-known general method
of attack against authentication and key-exchange protocols. SSH
includes mandatory server authentication specifically to thwart
MITM. Naturally, this relies on the ability of the client to verify
the claimed association between the server’s public key and the
identity of the server host. In an SSH session, the server hands
the client a public key, then proceeds to prove that it has access
to the corresponding private key. All well and good, but the server
could have simply generated a brand-new key pair and done the same
thing. For this transaction to be meaningful, the client must
independently verify that this particular public key identifies the
host that the client originally intended to contact. Solving this
“key-distribution problem” is a necessary part of public-key
authentication techniques.”

Complete
Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.