IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Steve Bellovin: ssh2 mitm attack?
I pointed this out on the openssh-unix-dev mailing list in January
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=101069187914700&w=2
and there was some discussion but Marcus didn't seem to think it was
worth worrying about.
- Dave Dykstra
On Fri, Jul 26, 2002 at 03:55:23PM -0400, Bill Sommerfeld wrote:
> [before anyone panics, this is a variant on the "hijack the connection
> and substitute a different host key".
>
> The problem described here is that at least some implementations
> effectively maintain separate host key databases per (host key
> algorithm, major protocol revision) pair, so that you get the
> non-scary "no host key known" user prompt rather than the scary "host
> key has changed" when a man-in-the-middle attacker does an
> upgrade/downgrade/host key algorithm change.
>
> - Bill]
>
> ------- Forwarded Message
>
> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
> From: Steve Bellovin <smb%research.att.com@localhost>
> To: sommerfeld%eng.sun.com@localhost
> Subject: ssh2 mitm attack?
> Cc: jis%mit.edu@localhost
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Date: Thu, 25 Jul 2002 07:48:54 -0400
> Message-Id: <20020725114855.358CD7B4D%berkshire.research.att.com@localhost>
> Content-Length: 363
>
> Bill, have a look at http://www.phrack.org/show.php?p=59&a=11http://www.phrack.org/show.php?p=59&a=11
> and in particular at the ssh2-only attack. Are any changes to the
> drafts necessary? (I haven't had a chance to read them in light of
> this advisory.)
>
> --Steve Bellovin, http://www.research.att.com/~smb (me)
> http://www.wilyhacker.com ("Firewalls" book)
>
>
>
> ------- End of Forwarded Message
Home |
Main Index |
Thread Index |
Old Index