AW: [FreeNX-kNX] Alioth projekt for FreeNX debian packages
Paul van der Vlis
paul at vandervlis.nl
Sun Jun 19 13:53:45 UTC 2005
Martin Heddergott schreef:
>>No, because the key we are talking about is not used to encrypt the
>>traffic but only for authenticating the nx user to the SSHD server.
>>SSHD will then yield the control to nxserver, being nxserver the nx
>>user's login shell. Both host authentication and all the other TLS
>>features of SSH are entirely preserved.
>
>
> Hi,
> sorry,i've still a question on this Topic.
> The Connection to the nxserver is established by public/private key
> auth. for user nx. The Shell for this User is nxserver which askes
> for Username and Password.
> Because the nomachine private key is known, it is possible to
> intercept and decrypt the Username and Passwort as said by Felix
> schumacher. And there will be no warning like Paul van der Vlis said
> if the Interceptor uses the nomachine key - or am i wrong ?
The warning comes, because the machine has another host-key. That's
something different as the private key. The host-key is made when you
install SSH, most of the time when you install a distribution.
When your machine is a copy of another machine, they will have the same
host-key (untill you created a new one).
Please correct me when I am wrong.
With regards,
Paul van der Vlis.
More information about the FreeNX-kNX
mailing list