Date: Mon, 9 Feb 2009 15:18:25 -0800 (PST) From: Jason Stone <freebsd-security@dfmm.org> To: Daniel Roethlisberger <daniel@roe.ch> Cc: freebsd-security@freebsd.org, Lyndon Nerenberg <lyndon@orthanc.ca> Subject: Re: OPIE considered insecure Message-ID: <20090209150235.X15166@treehorn.dfmm.org> In-Reply-To: <20090209224806.GB63675@hobbes.ustdmz.roe.ch> References: <200902090957.27318.mail@maxlor.com> <20090209170550.GA60223@hobbes.ustdmz.roe.ch> <alpine.BSF.2.00.0902091246280.61088@mm.orthanc.ca> <20090209134738.G15166@treehorn.dfmm.org> <alpine.BSF.2.00.0902091402040.61088@mm.orthanc.ca> <20090209224806.GB63675@hobbes.ustdmz.roe.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
>> That's what I do -- multiple throw-away keys on a USB stick, for >> emergencies. However if you're that paranoid you better be carrying >> around your own set of ssh binaries on that stick as well. Your own SSH binaries don't help; you can sniff the TTYs (or whatever the Windows equivalent is for getting raw keystroke data at the kernel level) directly. Yes, in a strict sense, it's not possible to safely log in from an untrusted host. But in a practical sense, we can look at the common attacks. I assume that any given public Windows box (at the library, internet cafe, etc) has a keystroke logger, but I'm not (yet...) going to assume that any given Windows box has an agent that actively seizes SSH connections and trojans the remote end. Someday that may change, but in the meantime, most folks with low-security needs can reasonably assume that all data entered into an untrusted machine will be logged, but that no level of active attack will take place; so as long as nothing in your session is reusable/replayable, you're pretty safe. > I'm primarily worried about keyloggers and USB memory stick content > dumpers. If you keep just a single key at a time on the USB stick, and the key deletes itself from the server as soon as you use it, you don't care if it gets copied, because you only plug the stick in when you want to use that key, at which point the key immediately becomes useless. And if you trust crypto, and you have multiple keys each encrypted with a different passphrase, you probably still don't care if the USB stick gets copied. > I prefer OPIE also because it does not need anything fancy on the client > side beyond a standard SSH2 client. Agreed, and Kerberos must definitely be disqualified on this basis. But I've never seen an SSH client that doesn't allow keys, including Windows and Java-based clients. -Jason
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090209150235.X15166>