Re: Sniffing SSH and HTTPS

To: debian-security@lists.debian.org
Subject: Re: Sniffing SSH and HTTPS
From: Michael Wood <mwood@its.uct.ac.za>
Date: Wed, 29 Aug 2001 09:31:39 +0200
Message-id: <[🔎] 20010829093139.C30181@len.its.uct.ac.za>
Mail-followup-to: Michael Wood <mwood@its.uct.ac.za>, debian-security@lists.debian.org
In-reply-to: <[🔎] 871ylvivpo.fsf@hackerhue.ddts.net>
References: <[🔎] Pine.LNX.4.21.0108282022360.27979-100000@gatekeeper.jane.org> <[🔎] 871ylvivpo.fsf@hackerhue.ddts.net>

On Tue, Aug 28, 2001 at 05:57:39PM -0600, Hubert Chan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> >>>>> "Richard" == Richard  <ricv@denhaag.org> writes:
> 
> [...]
> 
> Richard> There also an analasis of the ssh packetstream
> Richard> revealing the number of chars in the passwd.
> 
> Small clarification: this may reveal the number of characters
> in any password that you type _within_ the ssh session.  This
> does not affect the password that you use to initially log in,
> as the whole password is sent in one packet.

indeed.

> Of course, the attacker would need to know that you are typing
> in a password at that time.

Ahhh, but this is quite easily guessable, since for most stuff
you type, the server echos it.  For passwords, it doesn't.  i.e.
just watch the SSH session, and when you see packets going to
the server that aren't being echoed you know the person is
typing a password and you can count the characters.

> Richard> Attacks can still be done when the fingerprint is
> Richard> unkown (e.g. first connect to the box)
> 
> Yes, and to answer the OP's second question (how to make ssh
> secure), copy the server's public key over a known secure
> channel (e.g. if you're at work, get the admin to stick it on
> a floppy for you), or get the fingerprint over a known secure
> channel (e.g. phone the admin and ask for the fingerprint).

And make SSH refuse to connect if it doesn't have the server in
/etc/ssh/known_hosts.

> Richard>  or brute-force on fingerprint / rsa / dsa.
> 
> And if you manage to brute-force the fingerprint/rsa/dsa,
> we've got problems.

:)

The problem with man in the middle attacks is that people far
too easily click on "Yes" when asked to accept a key that has
changed (or type in "yes" when asked a similar question by SSH.)

i.e. you should make sure you copy the relevant keys over a
secure channel (as mentioned above) and then make sure your
client is configured not to work if it doesn't have the server's
key already.

This doesn't work when you want to connect to some arbitrary
"secure" web site, though.

-- 
Michael Wood
<mwood@its.uct.ac.za>

Reply to:

Follow-Ups:
- Re: Sniffing SSH and HTTPS
  - From: Eric E Moore <e.e.moore@shef.ac.uk>
- Re: Sniffing SSH and HTTPS
  - From: Hubert Chan <hackerhue@geek.com>

References:
- Re: Sniffing SSH and HTTPS
  - From: Richard <ricv@denhaag.org>
- Re: Sniffing SSH and HTTPS
  - From: Hubert Chan <hackerhue@geek.com>

Prev by Date: [Fwd: Re: Open SSL Certificate]
Next by Date: Re: Sniffing SSH and HTTPS
Previous by thread: Re: Sniffing SSH and HTTPS
Next by thread: Re: Sniffing SSH and HTTPS
Index(es):
- Date
- Thread