By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Anyway to *NOT* get MITM'ed?

0

There appears to be no way to set the host key, nor to get the host key fingerprint.

At this is the conclusion after multiple frustrating exchanges with support.

Am I missing something here? Is everyone using SFTP just accepting the risk of MITM by the TCP/IP operator?

Topics
AWS Well-Architected Framework
Tags
Security
Language
English
paul__draper
asked 5 years ago245 views
2 Answers
0

When you get a "Man In The Middle" attack message, it's because the IP address of your server endpoint is the same as before, but the host key changed. Is that your case?
Also, you can see the server fingerprint by using the DescribeServer API: https://docs.aws.amazon.com/transfer/latest/userguide/API_DescribeServer.html

AWS
AWS-User-9826533
answered 5 years ago
0

Well, I have no way of knowing if I am MITM; i.e. if the traffic is being delivered to the expected identity, since SSH doesn't use PKI like SSL/TLS certs.

Thanks for showing how to get the host key. That answers my question perfectly, particularly since SFTP FAQ says the host key never changes.
I'll let the support rep know :/

paul__draper
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content