spoof rsa fingerprint
eugeneapolinary81 at yahoo.com
Sun Nov 15 06:56:41 UTC 2009
--- On Sat, 11/14/09, Eugeneapolinary Ju <eugeneapolinary81 at yahoo.com> wrote:
> From: Eugeneapolinary Ju <eugeneapolinary81 at yahoo.com>
> Subject: spoof rsa fingerprint
> To: "ubuntu list" <ubuntu-users at lists.ubuntu.com>
> Date: Saturday, November 14, 2009, 11:09 PM
> When I first log in to my router
> [192.168.1.1] through ssh, it says:
> The authenticity of host 'XXXX.XX (192.168.1.1)' can't be
> RSA key fingerprint is
> Are you sure you want to continue connecting (yes/no)?
> that's OK [it gets stored in the known_hosts file, on my
> client machine].
> what happens, if someone turns off my router, then installs
> a pc with ip 192.168.1.1?
> And! - it spoofs _the same rsa fingerprint_, that was on my
> Then, when I want to log in to 192.168.1.1, I will type my
> password, and it will stole my password...
> So the question is:
> Could that be possible, to spoof the rsa_fingerprint?
> [because the router say's the fingerprint when first logging
> in to it, etc..so could that be spoofed?]
More information about the ubuntu-users