SUNWski

[Markus Friedl]

you are using telnet and then ssh.

On Mon, Jul 24, 2000 at 05:45:13PM -0700, Higdon, David M - CNF wrote:
> 
> By running the snoop utility that comes with the Solaris
> OS.
> 
> Here is the output from running snoop
> 
> Snoop is running on a third system that does not have ssh
> installed.
> 
> I am trying to ssh from machine A to machine B 
> 
> 
> from machine C
> 
> # snoop machine A
>     machine A -> hostname.xxx.com TELNET C port=38920 s
> hostname.xxx.com -> machine A     TELNET R port=38920 s
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 s
> hostname.xxx.com -> machine A     TELNET R port=38920 s
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 h
> hostname.xxx.com -> machine A     TELNET R port=38920 h
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 2
> hostname.xxx.com -> machine A     TELNET R port=38920 2
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920  
> hostname.xxx.com -> machine A     TELNET R port=38920  
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 m
> hostname.xxx.com -> machine A     TELNET R port=38920 m
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 a
> hostname.xxx.com -> machine A     TELNET R port=38920 a
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 c
> hostname.xxx.com -> machine A     TELNET R port=38920 c
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 h
> hostname.xxx.com -> machine A     TELNET R port=38920 h
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 i
> hostname.xxx.com -> machine A     TELNET R port=38920 i
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 n
> hostname.xxx.com -> machine A     TELNET R port=38920 n
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 e
> hostname.xxx.com -> machine A     TELNET R port=38920 e
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 B
> hostname.xxx.com -> machine A     TELNET R port=38920 B
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 Passphrase for key "
>     machine A -> hostname.xxx.com TELNET C port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 m
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 o
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 n
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 g
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 0
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 0
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 s
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 e
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 Authentication succe
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 Last login: Tue Jul 
>     machine A -> hostname.xxx.com TELNET C port=38920 
> hostname.xxx.com -> machine A     TELNET R port=38920 Sun Microsystems Inc
>     machine A -> hostname.xxx.com TELNET C port=38920 
> 
> 
> -David 
> 
> -----Original Message-----
> From: Damien Miller [mailto:djm at mindrot.org]
> Sent: Monday, July 24, 2000 4:47 PM
> To: Higdon.David at cnf.com
> Cc: 'Markus Friedl'; 'Brian Friday'; 'openssh-unix-dev at mindrot.org';
> openssh at openssh.com
> Subject: RE: SUNWski
> 
> 
> On Mon, 23 Jul 2000, Higdon, David M - CNF wrote:
> 
> How do you see the login and password in the clear? Can you send a log
> of such an event?
> 
> > 
> > solaris 2.8
> > openssh 2.1.1p4 
> > openssl 0.0.5a
> > zlib 1.1.3
> > SUNWski
> >  
> > 
> > - David 
> > 
> > 
> > 
> > -----Original Message-----
> > From: Markus Friedl [mailto:markus.friedl at informatik.uni-erlangen.de]
> > Sent: Sunday, July 23, 2000 7:10 AM
> > To: Higdon, David M - CNF
> > Cc: 'Brian Friday'; 'openssh-unix-dev at mindrot.org'; openssh at openssh.com
> > Subject: Re: SUNWski
> > 
> > 
> > On Thu, Jul 20, 2000 at 02:43:30PM -0700, Higdon, David M - CNF wrote:
> > > What happens when you run snoop on the system
> > > that you ssh from? Can you see your input in 
> > > clear text? Because I can!
> > 
> > could you please show me? what versions of ssh are you using?
> > 
> > 
> 
> -- 
> | "Bombay is 250ms from New York in the new world order" - Alan Cox
> | Damien Miller - http://www.mindrot.org/
> | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
> 
> 
> 
>