bumbleb33 0 Posted ...

Hi,

Like it says in the documentation, and as is usual, upon the first connection to an ssh server to open an ssh tunnel, the authenticity via the ECDSA key fingerprint is stated. The documentation says to just accept it. But this is dangerous as it allows any intermediate to open a MITM attack.

So please compile a list of all servers (with their IPs) and their fingerprints so we can match them on the first connection.

Thanks!
zhang888 1066 Posted ...

> The documentation says to just accept it. But this is dangerous as it allows any intermediate to open a MITM attack.

Not really. Both SSL/SSH tunnels are there for the traffic pattern and not for any additional security. An attacker with an SSL/SSH MITM will not be able to decrypt your OpenVPN encryption.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.
bumbleb33 0 Posted ...

> > The documentation says to just accept it. But this is dangerous as it allows any intermediate to open a MITM attack.
>
> Not really. Both SSL/SSH tunnels are there for the traffic pattern and not for any additional security. An attacker with an SSL/SSH MITM will not be able to decrypt your OpenVPN encryption.

Yes, you're right, I figured that too after posting my request. Before I posted, I thought that AirVPN also supports ssh tunneling or opening a SOCKS server via ssh -D instead of just being an intermediate via port forwarding for the OpenVPN client.

ssh SOCKS server support would be a cool feature, any chance AirVPN might add that?