Date: Sat, 17 Feb 2001 23:47:10 -0800
From: "Crist J. Clark" <cjclark@reflexnet.net>
To: Jan Conrad <conrad@th.physik.uni-bonn.de>
Cc: Kris Kennaway <kris@obsecurity.org>, freebsd-security@FreeBSD.ORG, Ralph Schreyer <schreyer@th.physik.uni-bonn.de>
Subject: Re: Why does openssh protocol default to 2?
Message-ID: <20010217234710.D62368@rfx-216-196-73-168.users.reflex>
In-Reply-To: <Pine.BSF.4.33.0102161442540.51347-100000@merlin.th.physik.uni-bonn.de>; from conrad@th.physik.uni-bonn.de on Fri, Feb 16, 2001 at 03:49:04PM +0100
References: <20010215133000.A12807@mollari.cthul.hu> <Pine.BSF.4.33.0102161442540.51347-100000@merlin.th.physik.uni-bonn.de>

On Fri, Feb 16, 2001 at 03:49:04PM +0100, Jan Conrad wrote:

[snip]

> Don't you think in such an environment using SSH1 with
> RhostsRSAAuthentication would be reasonable (of course only if you *need*
> to provide users with an rsh like automatic login). Sure - you can be
> spoofed etc., the SSH connection could be attacked and whatnot but I would
> consider that to be harmless compared to the possibility to collect keys
> just by sniffing the net (and most people usually have keys without
> passphrases..).

Users can find a way to defeat most any system by choosing bad
passwords, sharing passwords, etc.

> I mean I just checked some University systems running ssh2 and ssh1 and I
> found really *lots* of keys in NFS mounted users homes... (sometimes 10%
> of the users had keys in their homes....)
>
> Maybe the conclusion is to put a warning into the manpages or into the
> default sshd_config saying something like 'be sure to switch
> xxxAuthentication off if you have NFS mounted homes'...
>
>
> What I would find reasonable is something like an .shosts mechanism for
> ssh2 or, better, but more complicated, having the keys themselves
> encrypted by some private key of the machine. Why should a user have
> access to a plain key?

OK, I am still not understanding why you believe SSH1 has advantages
over SSH2 when a user has NFS mounted home directories. The real
vulnerability to SSHx with NFS home directories is the threat that an
attacker may write to .ssh/authorized_keys*. If you can write to that
file, you can write to .shosts or .rhosts. What attack is SSH2
vulnerable to which SSH1 is not?

-- 
Crist J. Clark
cjclark@alum.mit.edu
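
The files the message above names as the real exposure (.ssh/authorized_keys*, .shosts, .rhosts) can be audited for write access per home directory. The following is an added example, not part of the original message or of OpenSSH; the function names, the `authorized_keys2` entry and the constructed demo directory are assumptions made for illustration.

```python
import os
import stat
import tempfile

# Files that grant login to whoever can write them (named in the message above;
# authorized_keys2 is assumed here as one match for "authorized_keys*").
TRUST_FILES = (".ssh/authorized_keys", ".ssh/authorized_keys2", ".shosts", ".rhosts")


def writable_by_others(path, owner_uid):
    """Return a reason string if someone besides owner_uid or root can modify path."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return "is a symlink"
    if st.st_uid not in (0, owner_uid):
        return f"owned by uid {st.st_uid}"
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return f"group/world-writable (mode {stat.S_IMODE(st.st_mode):04o})"
    return None


def audit_home(home, owner_uid):
    """Return (trust_file, offending_path, reason) tuples for one home directory."""
    findings = []
    home = os.path.abspath(home)
    for rel in TRUST_FILES:
        if not os.path.lexists(os.path.join(home, rel)):
            continue
        # Check the home directory, each intermediate directory and the file:
        # a writable parent lets the file be replaced even if it is mode 0600.
        path, chain = home, [home]
        for part in rel.split("/"):
            path = os.path.join(path, part)
            chain.append(path)
        for p in chain:
            reason = writable_by_others(p, owner_uid)
            if reason:
                findings.append((rel, os.path.relpath(p, home), reason))
    return findings


if __name__ == "__main__":
    # Constructed sample home directory with a deliberately loose .rhosts.
    demo = tempfile.mkdtemp()
    os.chmod(demo, 0o700)
    rhosts = os.path.join(demo, ".rhosts")
    open(rhosts, "w").close()
    os.chmod(rhosts, 0o664)
    for finding in audit_home(demo, os.getuid()):
        print(*finding, sep=": ")
```

This checks only ownership and mode bits as seen on the local mount; it says nothing about which hosts can write to the directory through the NFS export itself.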