SSH是一款可以提供保密性、完整性和身份认证的应用层安全协议。 SSHv2规定服务器身份认证时采用证书的方式通告自身公钥,并用数字签名技术进行认证,能够抵抗SSHv1所面临的中间人攻击。但是在SSHv2具体实现的过程中,不完善的网络环境会形成漏洞,研究发现对具有强攻击能力的攻击者而言,可以通过网络攻击植入伪证书进行中间人攻击。%SSH is a security protocol at application level providing the confidentiality , integrity and authentication .SSHv2 specifies that in server’s authentication it announces its own public key in the way of certificate and authenticates with digital signature technology , and can resist MIMA (man-in-the-middle attack) encountered by SSHv1.However, in specific implementation process of the SSHv 2 application, the imperfect internet environment may lead to vulnerabilities .The study finds that for the attackers who have strong attacking capabilities , it can implement MIMA by embedding the forgery certificates through networks .
展开▼