mailing list archives
Re: sshd1 allows unencrypted sessions regardless of server policy
From: jmoran () IPASS NET (Joseph Moran)
Date: Wed, 15 Dec 1999 01:06:24 -0500
On Tue, 14 Dec 1999, Pavel Machek wrote:
Because passphrase-less hostkeys are 'encrypted' with cipher "none"
the code for this cipher is always compiled into the programs. This
way the client is free to choose "none" and no server will complain.
And what? Malicious ssh client can make non-encrypted connection. But
malicious ssh client can also send carbon-copy of all communication to
www.cia.org:5000! There's no way to protect from malicious ssh
Of course, but that's no excuse for a lapse in good programming. If the
server tells the client "here, pick from this list", it's common sense
that the server would check the client's response to see if it's valid.
That aside, this hole could be useful in a situation where Party A wants
to help Party B compromise a system without leaving a paper trail. Party
A trojans an ssh client binary, Innocent Bystander C does an ssh
connection somewhere, and Party B sniffs the cleartext traffic. No
evidence to point to Party B. If instead Party A trojaned the binary to
send Party B a carbon-copy, and a white hat could extract this, then Party
B is implicated.
sshd1 allows unencrypted sessions regardless of server policy Markus Friedl (Dec 14)
SSH-1.2.27 & RSAREF2 exploit Iván Arce (Dec 14)
SSH 1 Why? Daniel P. Zepeda (Dec 15)
Re: SSH 1 Why? Emiliano Kargieman (Dec 15)
Re: SSH 1 Why? Emiel Kollof (Dec 15)
Re: SSH 1 Why? Iván Arce (Dec 16)
Re: SSH 1 Why? R. J. Wysocki (Dec 18)
Groupewise Web Interface Sacha Faust Bourque (Dec 19)
Re: Groupewise Web Interface Raymond Dijkxhoorn (Dec 20)
Re: Groupewise Web Interface Bayard G. Bell (Dec 21)