Date: Thu, 23 Aug 2001 11:04:28 +1000
From: Greg Black <gjb@gbch.net>
To: Alfred Perlstein <bright@mu.org>
Cc: Matt Dillon <dillon@earth.backplane.com>, freebsd-hackers@freebsd.org
Subject: Re: ssh password cracker - now this *is* cool!
Message-ID: <nospam-998528668.30701@maxim.gbch.net>
In-Reply-To: <20010822194926.U81307@elvis.mu.org> of Wed, 22 Aug 2001 19:49:26 EST
References: <200108222330.f7MNUUj80882@earth.backplane.com> <nospam-998527507.28418@maxim.gbch.net> <20010822194926.U81307@elvis.mu.org>

Alfred Perlstein wrote:

| * Greg Black <gjb@gbch.net> [010822 19:46] wrote:
| > Matt Dillon wrote:
| >
| > |     This gets an 'A' on my cool-o-meter.
| > |
| > |     http://www.vnunet.com/News/1124839
| >
| > The real research might be interesting, but the information in
| > the article seems to be wrong.  It says:
| >
| >     Each keystroke from a user is immediately sent to the target
| >     machine as a separate IP packet. By performing a statistical
| >     study on a user's typing patterns, and applying a key
| >     sequence prediction algorithm, the researchers managed to
| >     successfully predict key sequences from inter-keystroke
| >     timings.
| >
| > While this is true for events that occur while you are typing at
| > something like an xterm, it's not true while you type in a
| > password.  In that case the ssh client at your end collects the
| > entire password, encrypts it, and transmits the whole thing when
| > you hit <Enter>.
| >
| > How are they going to determine inter-keystroke timings from
| > that?  Maybe the real trick is much cooler than what is shown in
| > the article ...
|
| No, the idea is that one may have ssh'd into a remote host that's
| trusted, and there the user is typing a password to access something
| from the trusted host.
|
| One could do the statistical analysis then.

Ah, I see.  That's something that's on my list of things not to
do, so I didn't consider it.  My rule is never to type passwords
once I'm logged into a host; and even if I have to type another
ssh password to jump to another host that needs a password, my
method is to type the password locally on the physical trusted
machine I'm using and then cut and paste it into the application
that's waiting for it.