manfred-kaiser/README.md

SSH-MITM is a man in the middle (mitm) server for security audits supporting public key authentication, session hijacking and file manipulation.

Installing SSH-MITM

The first step to using any software package is getting it properly installed.

To install SSH-MITM, run this command in your terminal of choice:

$ pip install ssh-mitm

Connect to the network

To start an intercepting mitm-ssh server on Port 10022, all you have to do is run a single command.

# start the mitm server
$ ssh-mitm server --remote-host 192.168.0.x

# connect to the mitm server
$ ssh -p 10022 user@proxyserver

Spoofing FIDO Tokens

SSH-MITM is able to spoof FIDO tokens, which can be used for two-factor authentication.

The attack is called trivial authentication (CVE-2021-36367, CVE-2021-36368) and can be enabled with the command line argument --enable-trivial-auth.

$ ssh-mitm server --enable-trivial-auth

Using the trivial authentication attack does not break password authentication, because the attack is only performed when a publickey login is possible.

Video explaining the spoofing attack:
Click to view video on vimeo.com

Download presentation slides

Pinned

  1. ssh-mitm/ssh-mitm Public

    SSH-MITM - ssh audits made simple

    Python 1.4k 152

  2. ssh-mitm/appimage Public

    AppImage start scripts

    Python 2 1