Date: Sun, 26 Aug 2001 01:29:22 -0400
From: James Snow
To: Harold Gutch <520066542279-0001@t-online.de>
Cc: Matt Dillon, Alfred Perlstein, freebsd-hackers@FreeBSD.ORG
Subject: Re: ssh password cracker - now this *is* cool!
Message-ID: <20010826012922.B79353@teardrop.org>
In-Reply-To: <20010825223907.A44732@foobar.franken.de>

On Sat, Aug 25, 2001 at 10:39:07PM +0200, Harold Gutch wrote:
> > :* Matt Dillon [010822 18:30] wrote:
> > :> This gets an 'A' on my cool-o-meter.
> > :>
> > :> http://www.vnunet.com/News/1124839
>
> Dug Song and Solar Designer held a talk on this topic at HAL 2001,
> where they stated that backspaces could be detected, as a backspace
> actually translated to thus sending
> 3 characters at a time instead of only 1.

Apologies if I'm interrupting an academic conversation, but....

Isn't this a non-issue in OpenSSH and thus any normal FreeBSD installs?

I'm just looking at packet dumps, not source, but it looks to me like
OpenSSH sends passwords all in one shot, not character by character.

Also, it appears to pad the data out to 108 bytes, which I should think
defends rather well against attacks geared towards gleaning password
length. (So long as your password isn't over 108 bytes, I guess.)

-Snow