SSH 动态端口转发有多安全？

Question 1

简单的回答是No。通过SOCKS代理传输的数据将具有与您的SSH会话可以提供的相同的加密强度（例如 RSA-1024、RSA-2048）。

话虽如此，为了让 ISP 读取您的数据，简而言之，他们必须说服您在身份验证开始时接受主机密钥等，而这些密钥不是来自您的远程服务器，而是来自 ISP。这就是为什么客户SSH端会显示如下所示的警告，警告您可能出现中间人攻击。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3f:1b:f4:bd:c5:aa:c1:1f:bf:4e:2e:cf:53:fa:d8:59.
Please contact your system administrator.
Add correct host key in /home/peter/.ssh/known_hosts to get rid of this message.
Offending key in /home/peter/.ssh/known_hosts:3
RSA host key for 192.168.0.100 has changed and you have requested strict checking.
Host key verification failed.$

Answer

简单的回答是No。通过SOCKS代理传输的数据将具有与您的SSH会话可以提供的相同的加密强度（例如 RSA-1024、RSA-2048）。

话虽如此，为了让 ISP 读取您的数据，简而言之，他们必须说服您在身份验证开始时接受主机密钥等，而这些密钥不是来自您的远程服务器，而是来自 ISP。这就是为什么客户SSH端会显示如下所示的警告，警告您可能出现中间人攻击。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3f:1b:f4:bd:c5:aa:c1:1f:bf:4e:2e:cf:53:fa:d8:59.
Please contact your system administrator.
Add correct host key in /home/peter/.ssh/known_hosts to get rid of this message.
Offending key in /home/peter/.ssh/known_hosts:3
RSA host key for 192.168.0.100 has changed and you have requested strict checking.
Host key verification failed.$

Question 2

如果对方无需解密即可读取数据，那么任何中间人也可以这样做。

Answer

如果对方无需解密即可读取数据，那么任何中间人也可以这样做。

SSH 动态端口转发有多安全？

答案1

答案2

相关内容