Firewall Wizards mailing list archives

RE: ssh holes? Trojans? [long]


From: Ben Nagy <bnagy () sa volante com au>
Date: Mon, 25 Sep 2000 09:21:03 +0930

-----Original Message-----
From: Magosányi Árpád [mailto:mag () bunuel tii matav hu]
Sent: Thursday, 21 September 2000 5:53 PM
To: Ben Nagy
Cc: 'firewall-wizards () nfr net'
Subject: Re: [fw-wiz] ssh holes? Trojans? [long]
[snip]
In summary, though, it's quite hard to do what you want. What you're
effectively trying to do is mount an active man-in-the-middle (MitM) attack
against the protocol. Sadly, the ephemeral keying in the SSH transport layer
is signed Diffie-Hellman, which is resistant to MitM.

[good description of the problems]

Actually I have seen such an implementation working. It was written by
bazsi () balabit hu for a never published firewall product, based on lsh.

OK, you're scaring me. If you've seen a working implementation of a product
that can do SSH MitM without a compromised client and allowing cleartext
monitoring of the traffic that's a *serious* flaw in the protocol.

I don't mean to sound sceptical, but are you _sure_ that's what you're
saying?

Someone call the IETF! ;)

Cheers,

--
Ben Nagy
Network Consultant, Volante Solutions
PGP Key ID: 0x1A86E304  Mobile: +61 414 411 520 

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

