[TriLUG] Semi-OT: Detecting HTTPS inspection? Does that compromise SSH?

matt at noway2.thruhere.net matt at noway2.thruhere.net
Mon Jun 2 17:13:51 EDT 2014


>
> What I did was remove the entry from PuTTY's known-hosts cache and
> reconnect, then observe that the RSA fingerprint PuTTY showed me for the
> now-untrusted connection matched the fingerprint I got when I used
> ssh-keygen -l to list the fingerprint on the server.
>
> So I think I'm relatively safe on that front, at least.  I may have to
> stop doing any online banking from the office, though.
>
> Thanks!
> ~B

An encrypted SSL page within an encrypted tunnel.  That would be a pretty
good hoop to jump through to do SSL inspection.

If you have any doubt, just rerun SSH keygen and generate a new
certificate.  Might be going overboard but you could also run the ssh
keygen on your server machine and then move the private key to your PC.

Remember too with SSH that it uses the public key exchange system to
establish the connection and then switches to symmetric keys for speed. 
That is yet another layer for a spy to go through on SSH over an HTTPS
page.
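
Added example, not part of the original thread: the check described in the quoted message (comparing the fingerprint the client shows for an untrusted host against the one listed from the server's own key) done in Python from a public key line. The function names are hypothetical and both keys are constructed from made-up numbers; pass only the fingerprint field the client displayed.

```python
import base64, hashlib, hmac, struct

def _read_string(blob, off):
    """Read one length-prefixed SSH wire string; return (bytes, next offset)."""
    (n,) = struct.unpack_from(">I", blob, off)
    end = off + 4 + n
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def fingerprints(pubkey_line):
    """Return (key type, MD5 colon-hex, SHA256 base64) for one public key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    inner_type, _ = _read_string(blob, 0)
    if inner_type.decode("ascii") != fields[0]:
        raise ValueError("key type does not match the encoded blob")
    md5 = hashlib.md5(blob).hexdigest()
    md5 = ":".join(md5[i:i + 2] for i in range(0, 32, 2))
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return fields[0], md5, "SHA256:" + sha

def same_host_key(client_shown, pubkey_line):
    """True if the fingerprint the client displayed belongs to this key."""
    _, md5, sha = fingerprints(pubkey_line)
    shown = client_shown.strip()
    if shown.upper().startswith("SHA256:"):   # base64 is case-sensitive
        return hmac.compare_digest(shown[7:].rstrip("=").encode(), sha[7:].encode())
    if shown.upper().startswith("MD5:"):
        shown = shown[4:]
    return hmac.compare_digest(shown.lower().encode(), md5.encode())

def _constructed_key(modulus):
    """Build a well-formed ssh-rsa line from made-up numbers (not a real key)."""
    def s(b): return struct.pack(">I", len(b)) + b
    def mpint(v): return s(v.to_bytes(v.bit_length() // 8 + 1, "big"))
    blob = s(b"ssh-rsa") + mpint(65537) + mpint(modulus)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed-sample"

SERVER_KEY = _constructed_key((1 << 2047) | 0x1234567)  # key the server holds
PROXY_KEY = _constructed_key((1 << 2047) | 0x7654321)   # key an interceptor would present

if __name__ == "__main__":
    ktype, md5, sha = fingerprints(SERVER_KEY)
    print(ktype, md5, sha)
    print("client saw server key:", same_host_key(md5.upper(), SERVER_KEY))
    print("client saw proxy key: ", same_host_key(md5, PROXY_KEY))
```

A mismatch means the key presented on the wire is not the one stored on the server, which is what an intercepted connection would look like.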


