path to find ssh-rand-helper
J.S.Peatfield at damtp.cam.ac.uk
J.S.Peatfield at damtp.cam.ac.uk
Wed Apr 3 11:18:21 EST 2002
> Maybe (I'm half-awake so I'm not considering all the issues) one
> should allow OpenSSH to look for ssh-rand-helper in the user's path.
> (Default to fixed location, but a configure option). That will
> solve the problem in the generic form, but I'm worried about it
> selecting a wrong ssh-rand-helper.
The thing which worries me most is that if the user can specify the
entropy source they could cause it to be fed something which isn't
random at all, and so the seeding of the prngd could be very suspect.
Normally this is just the user shooting themself in the foot, but if
ssh is setuid and (say) using DSA (which I seem to remember needs a
very good entropy source (or am I confusing that with something
else)), there may be a leak of bits of the host's private key
(e.g. when trying rhostrsa or similar).
Of course since ssh-rand-helper (and particularly the entropy
gathering commands themselves) run as the user a malicious user might
be able to cause them to generate whatever output they want anyway.
Of course I may be just completely mis-understanding the issues?
In the case I'm interested in ssh won't be setuid so I'd be happy
enough for the option to be honoured only if ssh isn't running suid
though that seems less clean if it is safe anyway (which is why I
asked initially).
Now to avoid showing my ignorance further I'll shut up for a bit...
-- Jon
More information about the openssh-unix-dev
mailing list