SSH session can be hacked using MiTM(Man in The Middle) attack. This attack is known as ssh downgrade attack. Let us understand it. Suppose you are accessing machine C from machine A using ssh
A-------------------------------->C
Now suppose there is a machine B which come in middle and alter request that coming from A and forward it to C and vice versa.
A------(ssh request)--->B----------------->C
Now A send ssh request to C. C replies that it support Version1 and Version 2 of SSH protocol.
A--------------->-----------------C
A-----<-----(C only support V1) B-----<------C(support v1 and v2 of ssh)
But B alter packet and pass to A that C only support versio1 of SSH.
A-------->(ssh1)-----------B(sniff packet)------>------C
Since version1 of ssh is insecure by sniffing packets you can get login and password details passed in ssh. This attack is know as ssh downgrade attack, a MiTM implementation. You can try this using ettercap(http://ettercap.sourceforge.net/).
A-------------------------------->C
Now suppose there is a machine B which come in middle and alter request that coming from A and forward it to C and vice versa.
A------(ssh request)--->B----------------->C
Now A send ssh request to C. C replies that it support Version1 and Version 2 of SSH protocol.
A--------------->-----------------C
A-----<-----(C only support V1) B-----<------C(support v1 and v2 of ssh)
But B alter packet and pass to A that C only support versio1 of SSH.
A-------->(ssh1)-----------B(sniff packet)------>------C
Since version1 of ssh is insecure by sniffing packets you can get login and password details passed in ssh. This attack is know as ssh downgrade attack, a MiTM implementation. You can try this using ettercap(http://ettercap.sourceforge.net/).