The cipher and mac selection according to this are in some sort of order in a config file. How do the client and server know that they are using the same ones though? Is this information exchanged in the beginning? Another question: was SSH v1 vulnerable to MiM attacks? From what I've been reading there is no certification authority involved.
Aucun commentaire:
Enregistrer un commentaire