> :But this doesn't protect you against a trojaned client, and it
> :will be difficult to get it verify the hostkey.
> Hmmm. I am not sure I understand this. My aim is to prevent someone from
> obtaining the password by packet sniffing. Authentication is still using
The solution I suggested is probably secure against passive
attacks. That means people will not get any information by
sniffing. But if anybody is able to redirect a TCP connection
they can attack the system.
There are two ways to make an active attack on this system.
First they could attack the download from the webserver. If
the attacker sends a trojan version of the ssh client to the
client computer it could sniff anything.
The other option is to attack the ssh connection. Usually
this is prevented by the host key, but in the suggested
setup the host key is not verified. So a man in the middle
attack would be possible.
If you are only worried about sniffing my suggestion can be
> Have a nice day,
Notice: By sending SPAM (UCE/BCE) to this address, you are
accepting and agreeing to our charging a $1000 fee, per
email, for handling and processing, and you agree to pay any
and all costs for collecting this fee.