Bugtraq mailing list archives
Re: OpenSSH & S/Key information leakage
From: flaps () dgp toronto edu (Alan J Rosenthal)
Date: Thu, 15 Nov 2001 17:12:26 -0500
These observations of information leakage are cute, and while some of them might be fixable, I'm not sure that most of them are, which is dismaying. If OPIE didn't tell you the password number, for example, it would be quite hard to use.

Anyway, I was expecting to see the following in that list.

OPIE will tell you whether or not a given account exists. This is a disclosure we often take pains to avoid on the internet these days; we expect the same error message for 'no such account' and 'bad password'.

A login prompt for a non-account looks like this:

    login: flomp
    otp-md5 175 at2078 ext
    Response:

So far, so good. But press return once or twice to get "Login incorrect" (or make a new connection), and then do

    login: flomp
    otp-md5 220 at0624 ext
    Response:

Either the user just set a new passphrase in this one-second interval, or "flomp" does not exist. Compare:

    login: flaps
    otp-md5 796 qz1234 ext
    Response:
    Response:
    Login incorrect
    login: flaps
    otp-md5 796 qz1234 ext
    Response:
    Response:

Always 796 qz1234 (until I next log in using OPIE and/or re-set my passphrase).

Joel Maslak <jmaslak () antelope net> writes:
- If S/Key passwords are used at all, "fake" challenge strings should be printed whenever a real challenge string is not available. OPIE does this right.
I claim that what OPIE does is inadequate, but I don't have a solution (thus this is not a criticism of OPIE).
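The inconsistency Alan describes (a fresh random fake challenge on every connection, while a real account's challenge stays fixed between logins) is what makes the probe work. One defensive approach, shown here as an added example that is not part of the original post and is not OPIE's or OpenSSH's code, is to derive the fake challenge deterministically from the username under a per-host secret, so a non-account answers the same way on every connection. The function names, the `SERVER_SECRET` placeholder and the `REAL_USERS` table are constructed for this example; only the "flaps" challenge values come from the post.

```python
import hmac
import hashlib
import re

# Constructed placeholder: a per-host secret generated once at install time.
# It never appears in the challenge; it only keys the fake-challenge derivation.
SERVER_SECRET = b"PLACEHOLDER-per-host-secret-replace-me"

# Constructed sample table of accounts that have an OPIE key set up:
# username -> (current sequence number, seed). "flaps" uses the values from
# the post; "flomp" deliberately has no entry.
REAL_USERS = {"flaps": (796, "qz1234")}

# Shape of an OPIE challenge line as printed by the login prompt in the post.
CHALLENGE_RE = re.compile(r"^otp-md5 \d{1,4} [a-z]{2}\d{4} ext$")


def fake_challenge(username, secret=SERVER_SECRET):
    """Derive a stable, plausible-looking (sequence, seed) for a username
    that has no OPIE key. Keyed with the server secret so that the fake
    cannot be recomputed offline and recognised as a fake."""
    d = hmac.new(secret, username.encode("utf-8"), hashlib.sha256).digest()
    seq = 100 + d[0] % 400                                  # 100..499, like a real counter
    letters = chr(ord("a") + d[1] % 26) + chr(ord("a") + d[2] % 26)
    digits = int.from_bytes(d[3:5], "big") % 10000
    return seq, "%s%04d" % (letters, digits)                 # same shape as "qz1234"


def challenge_for(username, users=REAL_USERS, secret=SERVER_SECRET):
    """Return the challenge line the prompt would print: real state for real
    users, the deterministic fake for everyone else."""
    if username in users:
        seq, seed = users[username]
    else:
        seq, seed = fake_challenge(username, secret)
    return "otp-md5 %d %s ext" % (seq, seed)


def is_plausible_challenge(line):
    """Format check: a fake must be indistinguishable in shape from a real one."""
    return CHALLENGE_RE.match(line) is not None


def repeated_challenges_match(username, attempts=3):
    """Model the probe from the post: reconnect several times and compare the
    challenges. True means the prompt answers identically every time."""
    seen = {challenge_for(username) for _ in range(attempts)}
    return len(seen) == 1


if __name__ == "__main__":
    for name in ("flaps", "flomp"):
        print(name, "->", challenge_for(name),
              "stable across reconnects:", repeated_challenges_match(name))
```

This closes the specific probe in the post (two connections a second apart), but it narrows the channel rather than eliminating it: a real account's sequence number decrements on every successful login, while the derived fake never changes, so an observer watching a name over weeks can still tell the two apart. The derivation is only as good as the secrecy of `SERVER_SECRET`; if that value leaks, anyone can compute the fake for a name and compare.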
Current thread:
- OpenSSH & S/Key information leakage Joel Maslak (Nov 12)
- Re: OpenSSH & S/Key information leakage Markus Friedl (Nov 13)
- <Possible follow-ups>
- Re: OpenSSH & S/Key information leakage Alan J Rosenthal (Nov 15)
- Re: OpenSSH & S/Key information leakage Robert Bihlmeyer (Nov 19)
- Re: OpenSSH & S/Key information leakage Pavel Kankovsky (Nov 19)