OpenSSH and keystroke timings

Dan Kaminsky dan at
Wed Sep 9 08:10:29 EST 2009

Well, there's a lot here.  Lets go down the line.

1) Password entry only occurs during keyboard-interactive mode, which at
least isn't used by default (though it may be set on some distros).  There's
no way to downgrade someone as a MITM either.
2) Passwords in general are a terribly flawed technology, made only
palatable by the disaster that is everything else (yes, this includes
rsa/dsa in SSH).
3) Only the most basic of interactions with a server are line based.  Even
something as simple as vi requires full character mode interactivity.  Heck,
tab completion doesn't even work without it.
4) The right way to solve this class of problem isn't with LINEMODE tty,
it's with constant timing / constant bandwidth padding in the underlying
transport -- or at least, to make changes in timing and bandwidth happen a
few orders of magnitude slower than the data that's driving them.  SSH1 and
SSH2 as protocols have full support for contentless packets that contain
only padding; I'd love to see a patch.

On Tue, Sep 8, 2009 at 11:44 PM, Howard Chu <hyc at> wrote:

> Old news, but ...
> I first posted about this back in 2001 and it's still not resolved:
> 1) high latency networks are a reality that will never go away. In fact
> they will only become more prevalent since distributed networks continue to
> grow broader but (surprise) the speed of light remains a constant.
> 2) character-at-a-time protocols have both security and performance costs.
> 3) a solution for this has existed in common operating systems for a couple
> of decades already (LINEMODE tty support).
> It's strange how the secsh group at the IETF refused to learn from the
> lessons already gained from the years of experience with the telnet
> protocol.
> --
>  -- Howard Chu
>  CTO, Symas Corp. 
>  Director, Highland Sun
>  Chief Architect, OpenLDAP
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at

More information about the openssh-unix-dev mailing list