Full Disclosure mailing list archives
OpenSSH Mirror "Mallory" Attack Vulnerability [Was: Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror]
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Sat, 20 Sep 2003 20:08:25 -0400
Looking at how the mirrors for all the openssh distros are laid out, I don't see much point in trying to verify them using PGP unless you've previously imported it. Each mirror contains the public key, the file, and the signature in the same directory, so any first-time downloader could get a tainted distribution with an "authentic" signature. If somebody did manage to find a way to hack a mirror, they could easily copy over their public key, hacked file, and signature. At the very least, the public key needs to be kept on a different set of [secure] servers, possibly even with an MD5 of the public key sitting on a third server just to make it all the more difficult to falsify authentication. I haven't looked lately, is this a common practice with mirror sites and PGP signing distributions? If so, it seems to eliminate the purpose PGP signing was originally intended for.
Current thread:
- OpenSSH Mirror "Mallory" Attack Vulnerability [Was: Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror] Jonathan A. Zdziarski (Sep 20)