Date: Sun, 18 Feb 2001 17:03:59 +0100 (CET) From: Jan Conrad <conrad@th.physik.uni-bonn.de> To: <cjclark@alum.mit.edu> Cc: Kris Kennaway <kris@obsecurity.org>, <freebsd-security@FreeBSD.ORG>, Ralph Schreyer <schreyer@th.physik.uni-bonn.de> Subject: Re: Why does openssh protocol default to 2? Message-ID: <Pine.BSF.4.33.0102181612020.78276-100000@merlin.th.physik.uni-bonn.de> In-Reply-To: <20010217234710.D62368@rfx-216-196-73-168.users.reflex>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 17 Feb 2001, Crist J. Clark wrote: > On Fri, Feb 16, 2001 at 03:49:04PM +0100, Jan Conrad wrote: > > [snip] > > > What I would find reasonable is something like an .shosts mechanism for > > ssh2 or, better, but more complicated, having the keys themselves > > encrypted by some private key of the machine. Why should a user have > > access to a plain key? > > OK, I am still not understanding why you believe SSH1 has advantages > over SSH2 when a user has NFS mounted home directories. The real > vulnerability to SSHx with NFS home directories is the threat that an > attacker may write to .ssh/authorized_keys*. If you can write to that > file, you can write to .shosts or .rhosts. > > What attack is SSH2 vulnerable to which SSH1 is not? So in conclusion, simply the whole contents of the .ssh dir must not appear on NFS shares. Then SSH2 is the only choice, I agree. Thanks for all you comments regards Jan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0102181612020.78276-100000>