From owner-freebsd-security Sat Feb 17 23:47:49 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 7616937B401 for ; Sat, 17 Feb 2001 23:47:47 -0800 (PST)
Received: from rfx-216-196-73-168.users.reflexcom.com ([216.196.73.168]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Sat, 17 Feb 2001 23:45:22 -0800
Received: (from cjc@localhost) by rfx-216-196-73-168.users.reflexcom.com (8.11.1/8.11.1) id f1I7lBU49901; Sat, 17 Feb 2001 23:47:11 -0800 (PST) (envelope-from cjc)
Date: Sat, 17 Feb 2001 23:47:10 -0800
From: "Crist J. Clark"
To: Jan Conrad
Cc: Kris Kennaway, freebsd-security@FreeBSD.ORG, Ralph Schreyer
Subject: Re: Why does openssh protocol default to 2?
Message-ID: <20010217234710.D62368@rfx-216-196-73-168.users.reflex>
Reply-To: cjclark@alum.mit.edu
References: <20010215133000.A12807@mollari.cthul.hu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: ; from conrad@th.physik.uni-bonn.de on Fri, Feb 16, 2001 at 03:49:04PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Feb 16, 2001 at 03:49:04PM +0100, Jan Conrad wrote:

[snip]

> Don't you think in such an environment using SSH1 with
> RhostsRSAAuthentication would be reasonable (of course only if you *need*
> to provide users with an rsh-like automatic login)? Sure - you can be
> spoofed etc., the SSH connection could be attacked and whatnot, but I would
> consider that to be harmless compared to the possibility to collect keys
> just by sniffing the net (and most people usually have keys without
> passphrases..).

Users can find a way to defeat most any system by choosing bad
passwords, sharing passwords, etc.

> I mean I just checked some University systems running ssh2 and ssh1 and I
> found really *lots* of keys in NFS mounted users' homes... (sometimes 10%
> of the users had keys in their homes....)
>
> Maybe the conclusion is to put a warning into the manpages or into the
> default sshd_config saying something like 'be sure to switch
> xxxAuthentication off if you have NFS mounted homes'...
>
>
> What I would find reasonable is something like an .shosts mechanism for
> ssh2 or, better, but more complicated, having the keys themselves
> encrypted by some private key of the machine. Why should a user have
> access to a plain key?

OK, I am still not understanding why you believe SSH1 has advantages
over SSH2 when a user has NFS mounted home directories. The real
vulnerability to SSHx with NFS home directories is the threat that an
attacker may write to .ssh/authorized_keys*. If you can write to that
file, you can write to .shosts or .rhosts. What attack is SSH2
vulnerable to which SSH1 is not?
-- 
Crist J. Clark                                cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
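Jan Conrad's point above, that NFS-exported home directories turn out to hold lots of private keys and that most of them carry no passphrase, is easier to audit with a script than by opening files by hand. The following is an added example, not code from this thread, from OpenSSH or from FreeBSD: it walks a /home tree and flags private keys stored in the clear, recognising the SSH1 identity file (the cipher-type byte after the magic string is 0 for SSH_CIPHER_NONE), PEM keys (no "Proc-Type: 4,ENCRYPTED" header) and the later openssh-key-v1 container (ciphername "none"), the last of which postdates this 2001 thread and is included so the check also covers current keys. The home tree it scans and the key files in it are constructed placeholders with the right headers and framing, not usable keys.

```python
"""Find passphrase-less SSH private keys under a home-directory root.

Added example for the NFS-mounted-homes discussion; not code from the
thread or from OpenSSH. The sample key files below are constructed
placeholders that only reproduce the container framing, not real keys.
"""
import base64
import struct
import tempfile
from pathlib import Path

SSH1_MAGIC = b"SSH PRIVATE KEY FILE FORMAT 1.1\n\x00"
OPENSSH_V1_MAGIC = b"openssh-key-v1\x00"
# Default private-key file names, oldest (SSH1 'identity') to newest.
KEY_NAMES = ("identity", "id_rsa", "id_dsa", "id_ecdsa", "id_ed25519")


def _ssh_string(b: bytes) -> bytes:
    """Encode b as an SSH wire string: uint32 big-endian length, then bytes."""
    return struct.pack(">I", len(b)) + b


def key_encryption_state(data: bytes):
    """True if the key is passphrase-protected, False if stored in the clear,
    None if the bytes are not a private-key format this scanner understands."""
    if data.startswith(SSH1_MAGIC):
        # SSH1 identity file: a single cipher-type byte follows the magic,
        # 0 = SSH_CIPHER_NONE (plaintext), 3 = SSH_CIPHER_3DES (encrypted).
        return data[len(SSH1_MAGIC)] != 0
    text = data.decode("latin-1")
    if "-----BEGIN OPENSSH PRIVATE KEY-----" in text:
        body = "".join(l for l in text.splitlines() if not l.startswith("-----"))
        raw = base64.b64decode(body)
        if not raw.startswith(OPENSSH_V1_MAGIC):
            return None
        off = len(OPENSSH_V1_MAGIC)
        (n,) = struct.unpack(">I", raw[off:off + 4])
        ciphername = raw[off + 4:off + 4 + n]
        return ciphername != b"none"
    if "PRIVATE KEY-----" in text:
        # Classic PEM: encrypted keys carry a Proc-Type header (or PKCS#8's
        # "ENCRYPTED PRIVATE KEY" label); plain ones have no header at all.
        return "Proc-Type: 4,ENCRYPTED" in text or "BEGIN ENCRYPTED PRIVATE KEY" in text
    return None


def find_unencrypted_keys(home_root: Path) -> list:
    """Walk <home_root>/<user>/.ssh and return the keys stored without a passphrase."""
    hits = []
    for ssh_dir in sorted(home_root.glob("*/.ssh")):
        for name in KEY_NAMES:
            key = ssh_dir / name
            if key.is_file() and key_encryption_state(key.read_bytes()) is False:
                hits.append(key)
    return hits


# ---- constructed sample data (placeholders, not real keys) ----------------

def make_openssh_v1(ciphername: bytes) -> bytes:
    """Build a structurally valid openssh-key-v1 container with dummy payloads."""
    kdfname = b"none" if ciphername == b"none" else b"bcrypt"
    raw = (OPENSSH_V1_MAGIC + _ssh_string(ciphername) + _ssh_string(kdfname)
           + _ssh_string(b"") + struct.pack(">I", 1)
           + _ssh_string(b"placeholder-public") + _ssh_string(b"placeholder-private"))
    b64 = base64.b64encode(raw).decode()
    lines = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{lines}\n-----END OPENSSH PRIVATE KEY-----\n".encode()


def make_ssh1(cipher_type: int) -> bytes:
    """SSH1 identity framing: magic, cipher-type byte, reserved uint32, dummy body."""
    return SSH1_MAGIC + bytes([cipher_type]) + struct.pack(">I", 0) + b"\x00" * 16


PLAIN_PEM = b"-----BEGIN RSA PRIVATE KEY-----\nUExBQ0VIT0xERVI=\n-----END RSA PRIVATE KEY-----\n"
ENCRYPTED_PEM = (b"-----BEGIN RSA PRIVATE KEY-----\n"
                 b"Proc-Type: 4,ENCRYPTED\n"
                 b"DEK-Info: DES-EDE3-CBC,0123456789ABCDEF\n\n"
                 b"UExBQ0VIT0xERVI=\n-----END RSA PRIVATE KEY-----\n")

SAMPLE_HOMES = {                       # constructed /home layout
    "alice/.ssh/id_rsa": PLAIN_PEM,                    # flagged
    "bob/.ssh/id_rsa": ENCRYPTED_PEM,
    "carol/.ssh/id_ed25519": make_openssh_v1(b"none"),  # flagged
    "dave/.ssh/id_ed25519": make_openssh_v1(b"aes256-ctr"),
    "erin/.ssh/identity": make_ssh1(0),                 # flagged (SSH1, no cipher)
    "frank/.ssh/identity": make_ssh1(3),
    "grace/.ssh/authorized_keys": b"ssh-ed25519 AAAA... grace@host\n",  # not a private key
}


def demo() -> list:
    """Populate a throw-away home tree with the samples, scan it, and return
    the flagged keys as user-relative paths."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, content in SAMPLE_HOMES.items():
            p = root / rel
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(content)
        return [k.relative_to(root).as_posix() for k in find_unencrypted_keys(root)]


if __name__ == "__main__":
    for k in demo():
        print("passphrase-less key:", k)
```

Run it as root against the real export root (`find_unencrypted_keys(Path("/home"))`) rather than `demo()`; on the NFS server the same walk covers every client at once, which is the whole point of the thread: whoever can read the export sees the keys, and whoever can write it can plant authorized_keys, .shosts or .rhosts entries, regardless of protocol version.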