Date: Fri, 19 Sep 2003 03:44:33 +0100
From: Bruce M Simpson
To: Roger Marquis
cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh
Message-ID: <20030919024433.GA1190@saboteur.dek.spc.org>
In-Reply-To: <20030919005659.4B5A7DACBD@mx7.roble.com>
Organization: SPC

Hello,

On Thu, Sep 18, 2003 at 05:56:59PM -0700, Roger Marquis wrote:
> It takes all of 2 seconds to generate a ssh 2 new session on a
> 500Mhz cpu (causing less than 20% utilization). Considering that
> 99% of even the most heavily loaded servers have more than enough
> cpu for this task I don't really see it as an issue.

I'd be wary of making this the default system behaviour. If you feel strongly about this, consider submitting a convenience port similar to sysutils/comconsole which reconfigures the shipping sshd to run under inetd so that others can benefit from your approach.

For occasional use by systems administrators, it may be fine. This still taxes the system entropy pool under load. For a box serving many shell users, or for an embedded target, or for a home user/non-profit organization with older hardware it may not be acceptable.

If you're confident that your configured randomness sources are good enough to cope with your use of sshd in this way, good for you -- personally I would feel better about doing it on a 5.x system, where Mark Murray's rewrite of the arc4random system in favour of Yarrow has been committed.

> Also, by generating a different key for each session you get better
> entropy, which makes for better encryption, especially when you
> consider that the keys for one session are useless when attempting
> to decrypt other sessions. For this reason alone it's better to
> run sshd out of inetd.

Not to dismiss the idea of running sshd from inetd out of hand, however. In terms of compartmentalization it is a win in that there is no perpetually running sshd with root privileges to exploit - sshd is launched in stream mode, bound to sockets handed off by inetd to it in the traditional inetd server manner.

Compartmentalization of privilege is something which may be addressed in future by other means, though -- the work being done in TrustedBSD just now reflects this. It is something which the privsep feature in sshd is meant to address.

Some people might feel uncomfortable with having two daemons running as root instead of just one, though, in the inetd case.

> I've been using inetd+ssh since 1995, in dozens of data centers,
> across hundreds of hosts, and millions of sessions without a single
> problem. I wonder what Bruce Schneier would think of Mr. Simpson's
> understanding of cryptography?

I haven't met Mr Schneier but am familiar with his work, and have read his books. 'Secrets and Lies' and 'Applied Cryptography' are staple favorites.

BMS
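
The socket handoff the message describes (a per-connection server started with the connection already on its standard descriptors) can be sketched as follows. This is an added example, not part of the original message and not sshd or inetd source; `service_main`, `handoff` and the banner string are hypothetical names, and a `socketpair` stands in for an accepted TCP connection.

```c
/* Added illustration, not sshd or inetd source; all names are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Per-connection service in the inetd "stream ... nowait" style: it never calls
 * socket/bind/listen/accept; the connection arrives as fds 0 and 1.
 * It refuses to run unless stdin really is a stream socket. */
static int service_main(void)
{
    static const char banner[] = "DEMO-1.0 per-connection process\n";
    int type = 0;
    socklen_t len = sizeof(type);
    if (getsockopt(STDIN_FILENO, SOL_SOCKET, SO_TYPE, &type, &len) != 0 ||
        type != SOCK_STREAM)
        return 1;
    return write(STDOUT_FILENO, banner, strlen(banner)) < 0 ? 2 : 0;
}

/* What a super-server does per accepted connection: fork, move the connection
 * onto fds 0/1, run the service. Returns the child's exit code, -1 on error.
 * Waiting for the child here only lets the demo report that exit code. */
int handoff(int conn)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (dup2(conn, STDIN_FILENO) < 0 || dup2(conn, STDOUT_FILENO) < 0)
            _exit(3);
        if (conn > STDERR_FILENO) close(conn);
        _exit(service_main());
    }
    close(conn);    /* the long-lived parent keeps no per-session descriptor */
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    int sv[2];      /* constructed stand-in for an accepted TCP connection */
    char buf[64] = "";
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 1;
    printf("exit=%d ", handoff(sv[0]));
    if (read(sv[1], buf, sizeof(buf) - 1) < 0) return 1;
    printf("reply=%s", buf);
    return 0;
}
```

The service process exists only for the lifetime of one connection, which is the compartmentalization point made above; the parent that does the handoff is still a long-running privileged process.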