12. SSHv2

• the session key is generated by the Diffie-Hellman protocol:
  • the server authenticates by signing a fingerprint of exchanged messages
  • client authentication uses same methods as sshv1
• the attack is always possible by a mitm attack against the DH protocol
• sshmitm doesn't implement sshv2