Re: Reconstruct ssh session
>>>>> "amitjain9" == amitjain9 <email@example.com> writes:
amitjain9> Hi, 1) I need to reconstruct ssh sessions for my
amitjain9> application. I have already sniffed the ssh session. Can I
amitjain9> decrypt it using private keys of both host if available?
No. SSH has perfect forward secrecy, that is, it generates per-session
encryption keys which do not depend on the hostkeys on either side.
amitjain9> If not with private key, what else is required to decrypt the
You would need to hack the SSH implementation to give you the session
amitjain9> 2) I used dumpssl with openssl to decrypt https sessions
amitjain9> with known private key.
That only works if you use a non-pfs cipher suite. SSH has no such
option, at least not with the usual key exchange algorithms.