
On 03/27/2016 10:31 PM, D. Hugh Redelmeier wrote:
SSH does a few things for authentication.
SSH hosts have keys. An SSH client warns the user if a host's key has changed since the last time they talked. This puts little burden on the user and yet gives some security. But it won't detect a man-in-the-middle that was there from first contact.
Users can authenticate with a client via passwords or via a public key. Both require out-of-band installation of credentials.
I think that the password will travel over the wire when authenticating, but encrypted. But a spoofing server could collect passwords.
With a public key system (like RSA), only a signature goes over the wire. So a spoofing server could not collect the key. Things get a little more intricate when you use ssh-agent for forwarding authentication.
I thought ssh used a public/private key system, at least when used passwordless. I have to generate a public/private key pair and place the public key on the servers I connect to and keep the private key on my computer. Also, Cisco gear supports ssh with RSA keys.
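
The host-key check discussed in the quoted message, as an added example that is not part of the original thread: a minimal trust-on-first-use comparison against `known_hosts`-style entries, showing that a changed key is flagged while a key seen for the first time is simply stored. The host names, key blobs and function names are constructed for illustration; hashed entries and wildcard patterns are not handled.

```python
import base64
import hashlib

def fingerprint(key_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Return {(host, keytype): key_b64} for plain entries.
    Hashed (|1|...) and @marker lines are skipped; wildcards are not expanded."""
    known = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        for host in fields[0].split(","):
            known[(host, fields[1])] = fields[2]
    return known

def check_host_key(known, host, keytype, presented_b64):
    """Trust-on-first-use decision for the key a server presents."""
    stored = known.get((host, keytype))
    if stored is None:
        known[(host, keytype)] = presented_b64  # nothing to compare against yet
        return "first-contact"
    return "match" if stored == presented_b64 else "CHANGED"

# Constructed sample data: these blobs are placeholders, not real SSH keys.
KEY_A = base64.b64encode(b"constructed-host-key-A").decode()
KEY_B = base64.b64encode(b"constructed-host-key-B").decode()
SAMPLE = f"# constructed known_hosts\nfiles.example.org,192.0.2.10 ssh-ed25519 {KEY_A}\n"

def demo():
    known = parse_known_hosts(SAMPLE)
    return [
        check_host_key(known, "files.example.org", "ssh-ed25519", KEY_A),  # same key
        check_host_key(known, "files.example.org", "ssh-ed25519", KEY_B),  # key differs
        # Unknown host: whatever key arrives is stored, so an impostor present at
        # first contact is accepted unless the fingerprint is checked out of band.
        check_host_key(known, "new.example.org", "ssh-ed25519", KEY_B),
        check_host_key(known, "new.example.org", "ssh-ed25519", KEY_B),
    ]

if __name__ == "__main__":
    print(demo())
    print("verify out of band:", fingerprint(KEY_B))
```

Comparing the printed fingerprint with one obtained from the server's administrator through a separate channel is what closes the first-contact gap.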