Uploaded image for project: 'Maven Wagon'
  1. Maven Wagon
  2. WAGON-194

wagon-ssh is vulnerable to man in the middle attacks

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • None
    • 1.0-alpha-5
    • wagon-ssh
    • None

    Description

      There is no way to handle known hosts/fingerprints in wagon-ssh.

      ¡Encryption without knowing who you are talking with has no fun!

      i will try to provide a patch

      Attachments

        1. WAGON-SSH-12.diff
          37 kB
          Juan F. Codagnone

        Issue Links

          is depended upon by

          Bug - A problem which impairs or prevents the functions of the product. MNG-1131 address necessary wagon issues

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. WAGON-200 authentication with passwords can fail in some environments

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              brett Brett Porter
              juam Juan F. Codagnone
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: