[Bug 2026] New: OpenSSH client leaks username to server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jul 20 01:47:14 EST 2012


https://bugzilla.mindrot.org/show_bug.cgi?id=2026

          Priority: P5
            Bug ID: 2026
          Assignee: unassigned-bugs at mindrot.org
           Summary: OpenSSH client leaks username to server
          Severity: normal
    Classification: Unclassified
                OS: Linux
          Reporter: longpoke at gmail.com
          Hardware: Other
            Status: NEW
           Version: 5.9p1
         Component: ssh
           Product: Portable OpenSSH

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: OpenSSH client leaks username to server
Context: Some issue tracker that includes portable openssh
(https://bugzilla.mindrot.org)

When connecting to an SSH server, OpenSSH will send your username as
the SSH username if you don't provide one explicitly. This is an
information leak.

Why is this bad?
Imagine Bill Gates is using Linux to hack into apple.com. He was told
Linux is good, and he is planning on making the next release of Windows
be an open source Linux distribution. He gets the root password for the
SSH server on apple.com. He tries to get on by running "ssh apple.com";
it fails with a wrong password, and then he realizes he forgot to set the
username, so he runs "ssh root@apple.com". But now apple.com has a login
attempt in their logs for the account "billgates" (he was using a
botnet which is hardcoded in every Windows kernel, providing an
anonymity network to Bill Gates, so apple.com didn't get his IP
address). So after Bill Gates changes apple.com to show bad financial
reports and say that they're closing down (making them lose all their
investors/market share, etc.), Bill Gates gets arrested because of this
irrefutable evidence left in the log file. Now Bill Gates hates Linux
forever and will never make Windows be Linux based.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iEYEARECAAYFAlAIK0cACgkQ3PGpByoQpZHNQACgr6hjOAUzkt23kcMFiIN5r17h
jesAniXPMtaT3/bSgegF36gWrVwiJC1W
=GDxu
-----END PGP SIGNATURE-----
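
The report above states the behaviour but not the rule behind it. The following is an added example, not OpenSSH code and not part of the report: a small Python model of how the client decides which login name goes into its userauth request, following the precedence documented in ssh(1) and ssh_config(5): a name given on the command line, otherwise the first `User` obtained from a matching ssh_config Host block, otherwise the local login name (the fallback the report objects to). The host names, the `billgates` account, and both config files are constructed for the example, `fnmatch` stands in for ssh's own pattern matcher, and `Match` and `Include` are not modelled.

```python
"""Model of how the OpenSSH client picks the login name it sends.

Added example, not OpenSSH code.  It models the precedence ssh(1) and
ssh_config(5) document: a name given on the command line wins, otherwise
the first `User` obtained from a matching ssh_config Host block, otherwise
the local login name, which is the fallback the bug report objects to.
Host names, the `billgates` account and both configs are constructed.
"""
import fnmatch
import getpass
import re

# Constructed ~/.ssh/config.  The catch-all block sets no `User`, so every
# host not matched earlier is contacted with the local login name.
LEAKY_CONFIG = """\
Host bastion
    HostName bastion.example.org
    User ops

Host *.corp.example.com !build.corp.example.com
    User svc-deploy

Host *
    ServerAliveInterval 30
"""

# Assumed fix: the same file with a generic name pinned under `Host *`, so
# an unknown host sees "anon" instead of the local account name.  Hosts
# that really need the local name now need their own Host block.
PINNED_CONFIG = LEAKY_CONFIG + "    User anon\n"


def parse_ssh_config(text):
    """Split ssh_config text into (host_patterns, {keyword: value}) blocks in
    file order.  Keywords are case-insensitive; `Key value` and `Key=value`
    are both accepted; within a block the first value for a keyword wins.
    Options before the first Host line apply to every host."""
    blocks, patterns, opts = [], ["*"], {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "host":
            blocks.append((patterns, opts))
            patterns, opts = value.split(), {}
        elif key not in opts:                    # first value obtained wins
            opts[key] = value
    blocks.append((patterns, opts))
    return blocks


def host_matches(host, patterns):
    """ssh_config Host matching against the name typed on the command line:
    `*` and `?` wildcards, and a matching `!`-negated pattern vetoes the
    whole line.  fnmatchcase stands in for ssh's own matcher (it would also
    honour `[...]`, which ssh does not, so keep brackets out of patterns)."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched


def resolve_login_name(destination, config_text, local_user=None, login_flag=None):
    """Return (name, source): the name the client would place in its userauth
    request for `destination`, and where it came from.  An explicit command
    line name (`-l name` or `name@host`) wins over the config; the model
    checks `-l` first and does not model what happens if both are given."""
    if local_user is None:
        local_user = getpass.getuser()           # what the real client falls back to
    if login_flag:
        return login_flag, "-l option"
    host = destination
    if "@" in destination:
        user, _, host = destination.rpartition("@")
        return user, "user@host"
    for patterns, opts in parse_ssh_config(config_text):
        if host_matches(host, patterns) and "user" in opts:
            return opts["user"], "ssh_config Host " + " ".join(patterns)
    return local_user, "local login name (default)"


def hosts_sending_local_name(config_text, hosts, local_user):
    """The hosts in `hosts` that this config would contact under the local
    login name: the list to drive to empty before relying on the config."""
    return [h for h in hosts
            if resolve_login_name(h, config_text, local_user)[1].startswith("local")]


if __name__ == "__main__":
    probe = ["apple.com", "bastion", "build.corp.example.com"]
    for dest in probe + ["root@apple.com"]:
        print(dest, "->", resolve_login_name(dest, LEAKY_CONFIG, "billgates"))
    print("leaking:", hosts_sending_local_name(LEAKY_CONFIG, probe, "billgates"))
    print("after pinning:", hosts_sending_local_name(PINNED_CONFIG, probe, "billgates"))
```

On a real client, `ssh -G host` (OpenSSH 6.8 and later) prints the resolved `user` line and is the quick way to check an actual config. Two caveats the model makes visible: the username is a mandatory field of SSH_MSG_USERAUTH_REQUEST, sent inside the encrypted transport after key exchange, so only the server learns it and the client cannot send nothing, which is why the remedy is to pin a name (per host, plus a catch-all under `Host *`) or always type `user@host`; and the server logs whatever name it receives, so pinning replaces the account name with one you chose rather than removing the log entry.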
