Re: spoof rsa fingerprint

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



http://www.openssl.org/news/secadv_20060905.txt

--- On Sat, 11/14/09, Eugeneapolinary Ju <eugeneapolinary81@xxxxxxxxx> wrote:

> From: Eugeneapolinary Ju <eugeneapolinary81@xxxxxxxxx>
> Subject: spoof rsa fingerprint
> To: "fedora list" <fedora-list@xxxxxxxxxx>
> Date: Saturday, November 14, 2009, 11:09 PM
> When I first log in to my router
> [192.168.1.1] through ssh, it says:
> 
> The authenticity of host 'XXXX.XX (192.168.1.1)' can't be
> established.
> RSA key fingerprint is
> 51:c6:d1:7a:45:c4:74:3e:31:ee:3a:5a:2d:e1:bf:74.
> Are you sure you want to continue connecting (yes/no)?
> 
> that's OK [it gets stored in the known_hosts file, on my
> client machine].
> 
> But:
> 
> what happens, if someone turns off my router, then installs
> a pc with ip 192.168.1.1?
> 
> And! - it spoofs _the same rsa fingerprint_, that was on my
> router.
> 
> Then, when I want to log in to 192.168.1.1, I will type my
> password, and it will stole my password...
> 
> 
> So the question is:
> 
> Could that be possible, to spoof the rsa_fingerprint?
> [because the router say's the fingerprint when first logging
> in to it, etc..so could that be spoofed?]
> 
> 
>       
> 


      

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux