Question
Please forgive my terminology mishaps.
Recently, I tried to connect to a server over SFTP. The SSH public key response differed by 1 byte to what I was expecting, from an info page.
I was tempted to go ahead and connect anyway, assuming it must be a typo. But I didn't; instead I contacted the sysadmin. It turns out it was a typo, has been there since 'Heartbleed', and somehow I'm the first to notice it.
If I had gone ahead and connected, what is the actual risk? I think I understand that I'm potentially connecting to an attacker's server instead of the one I intend to, but that raises two questions:
1. Surely there is no connection to me, so the "only" risk is that I upload something or enter some credentials, thinking it is the correct server, but that I would not want an attacker to have? That is, there is no risk to the personal files on my machine, and the risk is over when I disconnect from the server?
2. The key is public. What stops an attacker using the correct public key for her own server, that I unwittingly connect to?
Or do I have it completely wrong?
Explanation / Answer
You're correct. The risk is what information you provide to the server, or on the server. The attacker could modify its SSH client to inject some kind of malicious data in its responses. However, it would have to conform to the SSH spec in order to be processed correctly by your SSH client, and then also do something malicious, which in my opinion would be non-trivial. Public and private keys are generated as a pair. As long as the key was generated with a cryptographically secure PRNG it will only have one private key paired with it.
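
As an added example (not part of the original question or answer), this is a strict check of the host key a server offers against a fingerprint published on an info page, the comparison the question describes. The host name, key bytes and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample: a syntactically valid ssh-ed25519 key blob with dummy key bytes.
_BLOB = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(32))
SAMPLE_LINE = "sftp.example.org ssh-ed25519 " + base64.b64encode(_BLOB).decode()


def fingerprints(key_line: str) -> dict:
    """Return the MD5 and SHA256 fingerprints of one public host key line
    (ssh-keyscan / known_hosts / .pub format)."""
    # Every SSH key blob starts with a 4-byte length whose top bytes are zero,
    # so its base64 form begins with "AAAA"; use that to find the blob field.
    b64 = next(f for f in key_line.split() if f.startswith("AAAA"))
    blob = base64.b64decode(b64, validate=True)
    md5 = hashlib.md5(blob, usedforsecurity=False).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"MD5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)), "SHA256": sha}


def matches_published(published: str, key_line: str) -> bool:
    """True only when the published fingerprint equals the offered key's
    fingerprint exactly; a one-character difference is a mismatch."""
    fps = fingerprints(key_line)
    published = published.strip()
    if published.upper().startswith("SHA256:"):
        expected, actual = published[7:].rstrip("="), fps["SHA256"]
    else:
        # Colon-separated hex, the MD5 style older info pages tend to list.
        expected = published.lower().removeprefix("md5:")
        actual = fps["MD5"]
    return hmac.compare_digest(expected.encode(), actual.encode())


if __name__ == "__main__":
    good = fingerprints(SAMPLE_LINE)["MD5"]
    typo = ("00" if good[:2] != "00" else "01") + good[2:]  # one byte changed
    for label, fp in (("published correctly", good), ("published with typo", typo)):
        ok = matches_published(fp, SAMPLE_LINE)
        print(f"{label}: {'match' if ok else 'MISMATCH - do not connect, verify out of band'}")
```

In practice the key line would come from `ssh-keyscan` output for the server, and the published value would be copied from the info page.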