Bugtraq mailing list archives
Re: sshd1 allows unencrypted sessions regardless of server policy
From: markus.friedl () INFORMATIK UNI-ERLANGEN DE (Markus Friedl)
Date: Wed, 15 Dec 1999 23:13:27 +0100
On Tue, Dec 14, 1999 at 02:35:05PM -0500, Michael H. Warfield wrote:
On Tue, Dec 14, 1999 at 04:43:32PM +0100, Markus Friedl wrote:Because passphrase-less hostkeys are 'encrypted' with cipher "none" the code for this cipher is always compiled into the programs. This way the client is free to choose "none" and no server will complain.AFAIK... The passpharse-less host keys are encrypted with 3-DES and no password. [...]
Please look at the source. E.g. ssh-1.2.12/authfile.c reads: int save_private_key( [...] if (strcmp(passphrase, "") == 0) cipher_type = SSH_CIPHER_NONE; Older versions may have used a real cipher with key "". Note also that SSH_CIPHER_NONE is also used for 'encryption' before client and server have exchanged the session-key. Many of you disagree with me and are saying that this cipher-none issue is a non-issue. But once more I like to point out that this a security problem in a wider sense as it affects your security _policy_. If you decide to remove telnet/rlogin and configure ssh with '--without-none' you still have not disabled cleartext logins. This is not about bufferoverflows or exploits, this is about your security _policy_, so it is still a security issue. Moreover, if a third party manages to replace the (unauthenticated) server messages "I will accept only ciphers IDEA and 3DES" with "I will accept only cipher NONE" you don't even need a malicious client.
Current thread:
- Re: sshd1 allows unencrypted sessions regardless of server policy der Mouse (Dec 14)
- <Possible follow-ups>
- Re: sshd1 allows unencrypted sessions regardless of server policy Markus Friedl (Dec 15)