Potential SSH2 exploit

David Terrell dbt at meat.net
Fri Jan 11 07:38:14 EST 2002


There is a similar problem with ssh1/ssh2 compatibility.

There is no substitute for reading the prompt carefully, or generating
an ssh-known-hosts file.

On Thu, Jan 10, 2002 at 02:00:34PM -0600, Austin Gonyou wrote:
> I might have to agree with this thought. It does leave a pretty wide
> open hole it seems for now. I only use One key type in my network
> end-to-end, but if I were to use 2, it is possible. How could this be
> stopped. 
> 
> On Thu, 2002-01-10 at 13:40, Dave Dykstra wrote:
> > I just noticed (at least on OpenSSH 3.0p1) that even though I have both
> > RSA and DSA keys available in sshd_config on a server, only a ssh-rsa line
> > shows up in known_hosts on the client side, not a ssh-dss line (that
> > priority may come from the fact that my RSA key is listed before my DSA
> > key in sshd_config).  If I comment out the RSA key in sshd_config and
> > restart the server, then the next time the client connects it warns that
> > a new key is being added and adds a ssh-dss line to known_hosts.
> > 
> > Isn't that a potential opening for a man-in-the-middle exploit?  Somebody
> > could take over a DNS name, offer only a DSA key, and forward traffic to
> > the real host.  SSH users expect that once they've established the
> > identity of a host they're safe from man-in-the-middle exploits so they
> > may gloss over the warning of an additional key being added.  Maybe the
> > OpenSSH ssh client should retrieve and store both kinds of host keys if
> > they're missing from known_hosts and the server has them available.  I
> > don't know if that would take a protocol change or not but I doubt it
> > because ssh-keyscan has the ability to scan for both rsa and dsa keys at
> > the same time (and be sure to scan for both if you do use it!).
> > 
> > - Dave Dykstra
> > _______________________________________________
> > openssh-unix-dev at mindrot.org mailing list
> > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> -- 
> Austin Gonyou
> Systems Architect, CCNA
> Coremetrics, Inc.
> Phone: 512-698-7250
> email: austin at coremetrics.com
> 
> "It is the part of a good shepherd to shear his flock, not to skin it."
> Latin Proverb
-- 
David Terrell             | "Anyone who says that is woefully
Prime Minister, Nebcorp   | underinformed.  IE, reads usenet."
dbt at meat.net              |  - Sean O'Connor
http://wwn.nebcorp.com/
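The check the thread points at, written out as an added example (it is not code from any of the posters or from OpenSSH): parse a known_hosts file in the classic unhashed format, list each host that is pinned with fewer key types than the server is known to offer, and build the ssh-keyscan command that fetches both types at once for a shared ssh_known_hosts. The sample known_hosts content below is constructed, with placeholder key material; the hostnames are invented.

```python
"""Audit an OpenSSH known_hosts file for hosts pinned with only one key type.

Added example, not from the mailing-list thread.  Assumes the classic
unhashed known_hosts format: "host[,alias...] keytype base64key [comment]".
"""
from collections import defaultdict

# Constructed sample: server-a is pinned with both key types, server-b only
# with RSA.  Key material is a placeholder, not a real key.
SAMPLE_KNOWN_HOSTS = """\
# constructed sample, key material is a placeholder
server-a.example.com,10.0.0.5 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC0EXAMPLE=
server-a.example.com,10.0.0.5 ssh-dss AAAAB3NzaC1kc3MAAACBAPEXAMPLE=
server-b.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDEXAMPLE=
@cert-authority *.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCAEXAMPLE=
"""

# The two key types the thread is about (OpenSSH 3.0p1 era).
DEFAULT_REQUIRED = frozenset({"ssh-rsa", "ssh-dss"})


def parse_known_hosts(text):
    """Return {hostname: set(keytypes)} for every ordinary host-key entry.

    Blank lines, comments, and lines with a leading @marker
    (@cert-authority / @revoked) are skipped: they are not host key pins.
    A comma-separated host field pins every listed name/address.
    """
    pinned = defaultdict(set)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line.startswith("@"):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed line; ignore rather than guess
        hosts, keytype = fields[0], fields[1]
        for host in hosts.split(","):
            if host:
                pinned[host].add(keytype)
    return dict(pinned)


def missing_key_types(text, required=DEFAULT_REQUIRED):
    """Map each host to the required key types it lacks.

    Hosts that have every required type are omitted.  A host that appears
    in the result is one where a server offering only the missing type
    would produce an "adding new key" prompt instead of a mismatch error,
    which is the situation the thread describes.
    """
    result = {}
    for host, types in parse_known_hosts(text).items():
        missing = set(required) - types
        if missing:
            result[host] = missing
    return result


def keyscan_command(hosts, key_types=("rsa", "dsa")):
    """Build the ssh-keyscan argv that collects all listed key types in one
    pass (ssh-keyscan -t takes a comma-separated list), so the generated
    ssh_known_hosts pins both keys rather than whichever one came first."""
    return ["ssh-keyscan", "-t", ",".join(key_types), *hosts]


if __name__ == "__main__":
    gaps = missing_key_types(SAMPLE_KNOWN_HOSTS)
    for host, missing in sorted(gaps.items()):
        print(f"{host}: missing {', '.join(sorted(missing))}")
    # Rescan only the hosts that are incompletely pinned.
    print(" ".join(keyscan_command(sorted(gaps))))
```

Run against a real ~/.ssh/known_hosts by passing its contents to missing_key_types(); hosts it reports are the ones where an "additional key" prompt would look routine, so those are the ones worth re-scanning with both types and pinning in a shared ssh_known_hosts.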