Trick user to send private key password to compromised host

Karsten Künne kuenne at rentec.com
Wed May 14 00:58:18 EST 2008


On Tuesday 13 May 2008 05:01:25 Roman Fiedler imposed structure on a
stream of electrons, yielding:
> Hi list,
>
> I do not know if this is really an issue, but I noticed that when
> connecting to a remote ssh host with the standard linux openssh client
> using a private key, that there is no line of text indicating when the
> local key-passwd process was completed and the connection session was
> established.
>
> On a compromised host, the login shell could write the line 'Enter
> passphrase for key 'guess the filename using the current account
> name':'. If unnoticed, the user will think that he mistyped the
> passphrase and repeat it. After capturing the word, the login could
> continue with the standard procedure (e.g. motd banner).
>

What does that have to do with openssh? On a compromised host the attacker can 
do all kinds of neat tricks and doesn't have to rely on openssh. For instance, 
a keylogger would be able to catch even more stuff and is probably easier to 
set up.


Karsten.
-- 
A baby is God's opinion that the world should go on.
		-- Carl Sandburg
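
Added example, not part of the original messages or of OpenSSH: a detection sketch for the spoofed prompt Roman describes. It assumes the session was captured with `ssh -v`, so the client's `debug1: Authentication succeeded` line marks where local key handling ends; the function name `find_remote_prompts` and the sample transcript are constructed for illustration.

```python
import re

# Prompt the OpenSSH client prints locally before unlocking a private key.
PROMPT_RE = re.compile(r"Enter passphrase for key '[^']*':")
# Line `ssh -v` writes once the server has accepted authentication.
AUTH_DONE_RE = re.compile(r"^debug1: Authentication succeeded \(")

# Constructed sample capture (not from the thread): line 4 comes from the remote side.
SAMPLE = "\n".join([
    "debug1: Next authentication method: publickey",
    "Enter passphrase for key '/home/alice/.ssh/id_rsa': ",
    "debug1: Authentication succeeded (publickey).",
    "Enter passphrase for key '/home/alice/.ssh/id_rsa': ",
    "Last login: Tue May 13 05:01:25 2008 from client.example",
])


def find_remote_prompts(transcript):
    """Return (line_number, text) for passphrase prompts seen after login.

    The local client only asks for a key passphrase before authentication
    completes, so a prompt after the first success marker was written by
    the remote host. Raises ValueError when the marker is missing, because
    the capture then gives no boundary to classify against.
    """
    boundary = None
    hits = []
    for lineno, line in enumerate(transcript.splitlines(), start=1):
        if boundary is None:
            # Only the first marker counts; later copies could be remote text.
            if AUTH_DONE_RE.match(line):
                boundary = lineno
        elif PROMPT_RE.search(line):
            hits.append((lineno, line.strip()))
    if boundary is None:
        raise ValueError("no 'Authentication succeeded' line; was ssh run with -v?")
    return hits


if __name__ == "__main__":
    for lineno, text in find_remote_prompts(SAMPLE):
        print(f"line {lineno}: prompt after authentication, sent by remote host: {text}")
```
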


More information about the openssh-unix-dev mailing list