search for: benoy

...Product: Portable OpenSSH Version: 5.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo: unassigned-bugs at mindrot.org ReportedBy: daniel at benoy.name Here's what I get when I try to use my MuscleCard PKCS#11 library with SSH: ---------- $ ssh -v -I /usr/local/lib/libmusclepkcs11.so root at jackson OpenSSH_5.4p1, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: ssh_set_validator: ignore respond...

It does, thanks. So if the password is known, or the KDC compromised, then in principle MITM becomes possible? On 2017-08-14 15:28, Andrew Bartlett wrote: > On Mon, 2017-08-14 at 06:45 -0400, Daniel Benoy via samba wrote: >> Is it perhaps using your password somehow? Like, if an attacker knew >> the >> password that the client is using to connect, would it then be able to >> MITM and watch all the writes and reads that client performs, but >> since >> an attacke...

I'm interested in using SMB encryption to connect over untrusted networks. I see that I can enable it in samba with 'smb encrypt = ...' which is great, and I'm seeing posts from Microsoft (like this one: https://technet.microsoft.com/en-us/library/dn551363(v=ws.11).aspx) bragging about how it can detect man-in-the-middle attacks. Can anyone point me at the basic details of how

...client when trying to authenticate (something which should decrypted using user's password), is it possible to brute force this initial ticket locally? Mathias 2017-08-15 3:29 GMT+02:00 Andrew Bartlett via samba <samba at lists.samba.org>: > On Mon, 2017-08-14 at 20:26 -0400, Daniel Benoy via samba wrote: > > It does, thanks. > > > > So if the password is known, or the KDC compromised, then in > > principle > > MITM becomes possible? > > Yes. > > Andrew Bartlett > -- > Andrew Bartlett > https://samba.org/~abartlet/ > Authenticati...