From owner-freebsd-security Tue Aug 21 13:38:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by hub.freebsd.org (Postfix) with ESMTP id F00B037B408 for ; Tue, 21 Aug 2001 13:38:36 -0700 (PDT) (envelope-from keramida@ceid.upatras.gr) Received: from hades.hell.gr (patr530-a132.otenet.gr [212.205.215.132]) by mailsrv.otenet.gr (8.11.1/8.11.1) with ESMTP id f7LKcLT28132; Tue, 21 Aug 2001 23:38:22 +0300 (EEST) Received: (from charon@localhost) by hades.hell.gr (8.11.4/8.11.4) id f7LKWoj97044; Tue, 21 Aug 2001 23:32:50 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Tue, 21 Aug 2001 23:32:49 +0300 From: Giorgos Keramidas To: Rob Simmons Cc: Matt Piechota , Wes Peters , "Carroll, D. (Danny)" , freebsd-security@FreeBSD.ORG Subject: SSH and encryption of passwords only (was: Re: Silly crackers... NT is for kids...) Message-ID: <20010821233249.C96292@hades.hell.gr> References: <20010821143517.L23909-100000@cithaeron.argolis.org> <20010821150657.G21383-100000@mail.wlcg.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010821150657.G21383-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Tue, Aug 21, 2001 at 03:14:36PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org From: Rob Simmons Subject: Re: Silly crackers... NT is for kids... Date: Tue, Aug 21, 2001 at 03:14:36PM -0400 > On Tue, 21 Aug 2001, Matt Piechota wrote: > > > No No, on the realtime machine controllers (QNX), or OCR nodes that need > > all the cpu cycles they can get. I'm talking about the [de|en]crypt on > > the remote side, not the PC side. Every bit or performance matters, and > > could be the difference between us and someone else getting a contract. > > There should be a way to configure sshd so that only the username/password > exchange is encrypted. The rest of the connection would be unencrypted. > You would get some of the benefits of ssh without a constant performance > hit. ... and lose all the security ssh provides for connections made from the server you initially did ssh to. Imagine that only the password exchange is encrypted in SSH, and you use a client to connect from machine A to machine B as user X. Then nobody can 'sniff' the password of X on B, but if you accidentally use anything that requires a password while connected to B, the rest of the session from A to B would not be encrypted and they[1] will be able to get anything that you write. Relying on the fact that they don't know user X's password on B to build arguments such as ``but they have to be connected to B to use this password'' is only a slight bit different from security through obscurity. What happens if some later day they *do* get access to machine B somehow? No, I think that using SSH with only the password exchange part being done with encryption is not a good idea. Of course, I'm just being paranoid again. -giorgos [1] The word 'they' implies that there might be at least two or more script kiddies out there that are interested in what you type while connected with SSH to your production machines. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message