IETF-SSH archive


Re: Rekey issue



Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:

>>> I can see at least three ways of dealing with this: (1) [...], (2)
>>> [...], and (3) when rekeying, behave as normal except that a second
>>> copy of the host key from the first time around is, effectively,
>>> added as a trusted key for the host.
>
>> OpenSSH does:
>
>> (4) silently accept the hostkey if it is identical to the one used to
>> authenticate the previous KEX, search the known hostkeys otherwise and
>> if not found there then do whatever is configured for hitherto-unknown
>> hostkeys.
>
> I must be missing something.  To me, this sounds like (3).  What's the
> difference?

Not sure if the distinction was intended, and if so, if it matters, but
consider the case where the same (previously unknown) host key A occurs
in the first and third key exchange, but a distinct host key B is used
(and somehow accepted) in the second key exchange.

In this scenario, (3) unconditionally accepts A as trusted when it
returns in the third key exchange, while (4) doesn't.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
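
Added example, not part of the original message and not OpenSSH code: a small model of policies (3) and (4) run over the A, B, A sequence described above. It assumes that a key sent to unknown-key handling is accepted for that exchange only and is not written to the known host keys; the key labels "A" and "B" and all function names are constructed for illustration.

```python
# Model of the two rekey host-key policies discussed in the thread.
# Assumption: unknown-key handling accepts the key for that one exchange
# and does not add it to known_hosts ("somehow accepted" in the message).

SILENT = "silent-accept"          # accepted with no lookup and no prompt
KNOWN = "known-hosts-match"       # found among the known host keys
UNKNOWN = "unknown-key-handling"  # whatever is configured for new keys


def _classify(key, pinned, known_hosts):
    """Decide how one host key is treated, given the session-pinned key."""
    if pinned is not None and key == pinned:
        return SILENT
    if key in known_hosts:
        return KNOWN
    return UNKNOWN


def policy3(keys, known_hosts):
    """(3): the host key from the FIRST key exchange stays trusted for
    every later rekey in the session."""
    first = None
    decisions = []
    for key in keys:
        decisions.append(_classify(key, first, known_hosts))
        if first is None:
            first = key  # pinned once, never replaced
    return decisions


def policy4(keys, known_hosts):
    """(4): only the host key that authenticated the PREVIOUS key
    exchange is silently accepted."""
    previous = None
    decisions = []
    for key in keys:
        decisions.append(_classify(key, previous, known_hosts))
        previous = key  # moves forward with every exchange
    return decisions


if __name__ == "__main__":
    sequence = ["A", "B", "A"]  # constructed: host key seen in KEX 1, 2, 3
    print("(3)", policy3(sequence, set()))
    print("(4)", policy4(sequence, set()))
```

In the third exchange the model of (3) returns silent-accept for A, while the model of (4) sends A back through unknown-key handling because the previous exchange was authenticated with B.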


