Bugtraq mailing list archives
Re: yet another OpenSSH timing leak?
From: Gianluca Varisco <giangy () techtemple org>
Date: Tue, 10 Oct 2006 00:41:25 +0200
Marco Ivaldi wrote:
It needs expect, and target ssh hostkey must be already added. I'd be very interested in knowing the results of tests performed on other distros and configurations.
Hi Marco,nice to meet you :-). I tried to do this test over my 10 Mbps lan and this is the result:
giangy@thor:~/dev$ ./sshtime calipso users.txt a@calipso real 9.55 root@calipso real 9.33 <- valid user with shell wheel@calipso real 10.44 giangy@calipso real 9.49 cdrom@calipso real 9.68 burning@calipso real 9.47 mysql@calipso real 9.35 operator@calipso real 9.59 <- valid user with shell test@calipso real 9.51 <- valid user with shell Another test: a@calipso real 9.37 root@calipso real 9.90 <- valid user with shell wheel@calipso real 10.66 giangy@calipso real 9.41 cdrom@calipso real 9.30 burning@calipso real 10.30 mysql@calipso real 9.47 operator@calipso real 10.21 <- valid user with shell test@calipso real 10.98 <- valid user with shell daemon@calipso real 7.14 abcd@calipso real 7.20"root", "operator" and "test" are valid users with a valid shell enabled. I made this test on Slackware 11.0 (fresh installation) with OpenSSH_4.4p1. I used the default sshd_config (see http://slackware.osuosl.org/slackware-current/source/n/openssh/ for more informations about the package). So, I don't received any timing leak in this session.
I'll try as possible other distributions and configurations. However, good work Marco :-).
Best Regards, Gianluca Varisco
Current thread:
- yet another OpenSSH timing leak? Marco Ivaldi (Oct 09)
- Re: yet another OpenSSH timing leak? Gianluca Varisco (Oct 10)
- <Possible follow-ups>
- Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 10)
- Re: yet another OpenSSH timing leak? Marco Ivaldi (Oct 14)