0

If I connect using SSH to an IP address of a server and have to trust a new fingerprint, how hard is it to be a man in the middle to redirect my IP connection?

I.e., how much risk am I taking if I just trust a fingerprint?

Also, I am not asking about the consequences once an attacker successfully becomes a man-in-the-middle; I am asking about how easy/hard it would be to become a man-in-the-middle in the first place.

Cyrus

1 Answer

1

As others have pointed out, MITMing an SSH connection is no different from MITMing an SSL connection. All data is eventually sent as packets, and if an attacker can MITM your traffic, they can poison all your traffic.

By trusting a fingerprint that may have been poisoned by an attacker, an attacker can make you connect to their own server and get you to hand over your credentials, send you fake traffic or, using the harvested credentials, even execute commands on your server.

Your final question has been answered several times - here, here and here. Tl;dr: It's extremely easy depending on the network that you're on and how you're interfacing with it.

thel3l
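An added example, not part of the answer above: instead of accepting a new fingerprint blindly, compare the key the server presents against a fingerprint obtained out of band. The sketch computes the OpenSSH-style SHA256 fingerprint of a public key line and rejects a substituted key; the sample keys, the helper names and the out-of-band channel are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode an SSH wire-format string: 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data


def fingerprint(pubkey_line: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of a 'type base64 [comment]' line."""
    key_type, b64_blob = pubkey_line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob starts with its own copy of the key type; reject a mismatch.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type in blob does not match declared type")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(pubkey_line: str, trusted_fp: str) -> bool:
    """True only if the presented key hashes to the fingerprint obtained out of band."""
    try:
        presented = fingerprint(pubkey_line)
    except (ValueError, struct.error):
        return False  # malformed input is treated as a mismatch
    return hmac.compare_digest(presented, trusted_fp)


def _constructed_ed25519_line(raw32: bytes) -> str:
    """Build a syntactically valid ssh-ed25519 line from 32 constructed bytes."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed-example"


# Constructed sample keys (not real hosts): the genuine server and an interceptor.
SERVER_LINE = _constructed_ed25519_line(bytes(range(32)))
MITM_LINE = _constructed_ed25519_line(bytes(range(1, 33)))
# Assumption: in practice this value comes from the admin or console, not the network.
TRUSTED_FP = fingerprint(SERVER_LINE)

if __name__ == "__main__":
    print("server key accepted:", host_key_matches(SERVER_LINE, TRUSTED_FP))
    print("substituted key accepted:", host_key_matches(MITM_LINE, TRUSTED_FP))
```

The fingerprint only protects you if the trusted value reaches you over a channel the network attacker does not control.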