Regarding Pubkey Enumeration

Dan Kaminsky dan at doxpara.com
Sat Jan 21 09:13:24 EST 2012 


Sent from my iPhone

On Jan 20, 2012, at 5:04 PM, Damien Miller <djm at mindrot.org> wrote:

> On Fri, 20 Jan 2012, Dan Kaminsky wrote:
> 
>> 
>> On Jan 20, 2012, at 4:43 PM, Damien Miller <djm at mindrot.org> wrote:
>> 
>>> On Fri, 20 Jan 2012, Dan Kaminsky wrote:
>>> 
>>>> Eh, you wouldn't support a feature that only displayed a password prompt if the username was valid.  Same thing, very similar experience even.
>>> 
>>> It isn't the same thing at all. Usernames are short, low-entropy and highly
>>> common between systems. Public keys are none of these.
>>> 
>> 
>> HD is raiding authorized_keys files to successfully get around this
>> limitation -- there's a reason we call them public keys. Also the very
>> fact that public keys are only conditionally common between systems is
>> an issue, as it's strongly deanonymizing nodes.
> 
> If you have popped an account, then there are myriad sources of data
> that you can use to determined linked hosts (known_hosts, lastlog, shell
> history, [uw]tmp, etc.).

Yeah, those only work on transitive links, Alice to Bob to Charlie. They do nothing for Alice to Bob leaking info about Alice on Charlie. 

> 
>> It's the same UI to type in a password vs. a pass phrase, and we don't
>> bypass the former just because there's no value that could work. It's
>> odd indeed for public key security to be visibly weaker than password.
> 
> That's because it isn't by any normal definition. The most you've shown
> is that, given a public key that is never transmitted in the clear by
> SSH, you can test hosts to find where its private half might be accepted.
> I'm struggling to see why this is interesting.

It's a small find (and not mine -- it's HD Moore's). But he'll be releasing a paper shortly about how it's been really useful to take keys grabbed out of authorized_keys files and iterate across other hosts to do relationship mapping. I'll see if I can't get him to give you a preview. He's got a point; this is useful stuff even if outside the Code Execution  realm. 


> 
> -d
>

More information about the openssh-unix-dev mailing list