From owner-freebsd-security Fri Feb 16 6:49:15 2001 Delivered-To: freebsd-security@freebsd.org Received: from dirac.th.physik.uni-bonn.de (dirac.th.physik.uni-bonn.de [131.220.161.119]) by hub.freebsd.org (Postfix) with SMTP id 621BC37B503 for ; Fri, 16 Feb 2001 06:49:07 -0800 (PST) Received: (qmail 50078 invoked from network); 16 Feb 2001 14:49:05 -0000 Received: from merlin.th.physik.uni-bonn.de (131.220.161.121) by dirac.th.physik.uni-bonn.de with SMTP; 16 Feb 2001 14:49:05 -0000 Received: (qmail 52593 invoked by uid 145); 16 Feb 2001 14:49:04 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 16 Feb 2001 14:49:04 -0000 Date: Fri, 16 Feb 2001 15:49:04 +0100 (CET) From: Jan Conrad To: Kris Kennaway Cc: , Ralph Schreyer Subject: Re: Why does openssh protocol default to 2? In-Reply-To: <20010215133000.A12807@mollari.cthul.hu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 15 Feb 2001, Kris Kennaway wrote: > On Thu, Feb 15, 2001 at 01:18:45PM +0100, Jan Conrad wrote: > > On Thu, 15 Feb 2001, Kris Kennaway wrote: > > > > > On Thu, Feb 15, 2001 at 12:30:20PM +0100, Jan Conrad wrote: > > > > Hello, > > > > > > > > for quite a long time now I cannot understand why people encourage others > > > > for using ssh2 by default and I wanted to ask the readers of this list for > > > > their opinion. > > > > > > SSH1 has fundamental protocol flaws. SSH2 doesn't, that we know of. > > > > I knew that statement... Could you give me a good reference for a > > detailed discussion on that? > > www.core-sdi.com probably has some information - there are recently > discovered flaws and a number of older ones. > > > > I don't understand your complaint. If you don't want to use SSH2 with > > > RSA/DSA keys, don't do that. Use the UNIX password or some other PAM > > > authentication module (OPIE, etc) > > > > Sorry - I did not want to complain... (really :-) > > > > What would you suggest for NFS mounted home dirs as a reasonable solution? > > (To store keys I mean..) > > If you have people sniffing your NFS traffic then you're in trouble > anyway since they can probably spoof things very easily. Consider > what's really your threat model here. OK - that's the point here, precisely! Don't you think in such an environment using SSH1 with RhostsRSAAuthentication would be reasonable (of course only if you *need* to provide users with an rsh like automatic login). Sure - you can be spoofed etc., the SSH connection could be attacked and whatnot but I would consider that to be harmless compared to the possibility to collect keys just by sniffing the net (and most people usually have keys without passphrases..). I mean I just checked some University systems running ssh2 and ssh1 and I found really *lots* of keys in NFS mounted users homes... (sometimes 10% of the users had keys in their homes....) Maybe the conclusion is to put a warning into the manpages or into the default sshd_config saying something like 'be sure to switch xxxAuthentication of if you have NFS mounted homes'... What I would find reasonable is something like an .shosts mechanism for ssh2 or, better, but more complicated, having the keys themselves encrypted by some private key of the machine. Why should a user have access to a plain key? > > If you really don't want people to use DSA authentication (it's not a > security risk unless they use a weak passphrase) then disable it with > the appropriate configuration directive in /etc/ssh/sshd_config. sure > > Kris > Jan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message