Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 21 Aug 2001 23:32:49 +0300
From:      Giorgos Keramidas <keramida@ceid.upatras.gr>
To:        Rob Simmons <rsimmons@wlcg.com>
Cc:        Matt Piechota <piechota@argolis.org>, Wes Peters <wes@softweyr.com>, "Carroll, D. (Danny)" <Danny.Carroll@mail.ing.nl>, freebsd-security@FreeBSD.ORG
Subject:   SSH and encryption of passwords only (was: Re: Silly crackers... NT is for kids...)
Message-ID:  <20010821233249.C96292@hades.hell.gr>
In-Reply-To: <20010821150657.G21383-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Tue, Aug 21, 2001 at 03:14:36PM -0400
References:  <20010821143517.L23909-100000@cithaeron.argolis.org> <20010821150657.G21383-100000@mail.wlcg.com>

next in thread | previous in thread | raw e-mail | index | archive | help
From: Rob Simmons <rsimmons@wlcg.com>
Subject: Re: Silly crackers... NT is for kids...
Date: Tue, Aug 21, 2001 at 03:14:36PM -0400

> On Tue, 21 Aug 2001, Matt Piechota wrote:
> 
> > No No, on the realtime machine controllers (QNX), or OCR nodes that need
> > all the cpu cycles they can get.  I'm talking about the [de|en]crypt on
> > the remote side, not the PC side.  Every bit or performance matters, and
> > could be the difference between us and someone else getting a contract.
> 
> There should be a way to configure sshd so that only the username/password
> exchange is encrypted.  The rest of the connection would be unencrypted.
> You would get some of the benefits of ssh without a constant performance
> hit.

... and lose all the security ssh provides for connections made from
the server you initially did ssh to.

Imagine that only the password exchange is encrypted in SSH, and you
use a client to connect from machine A to machine B as user X.  Then
nobody can 'sniff' the password of X on B, but if you accidentally use
anything that requires a password while connected to B, the rest of
the session from A to B would not be encrypted and they[1] will be
able to get anything that you write.  Relying on the fact that they
don't know user X's password on B to build arguments such as ``but they
have to be connected to B to use this password'' is only a slight bit
different from security through obscurity.  What happens if some later
day they *do* get access to machine B somehow?

No, I think that using SSH with only the password exchange part being
done with encryption is not a good idea.

Of course, I'm just being paranoid again.

-giorgos

[1] The word 'they' implies that there might be at least two or more
    script kiddies out there that are interested in what you type
    while connected with SSH to your production machines.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010821233249.C96292>