[Patch] TCP MD5SIG for OpenSSH

Thomas ☃ Habets habets at google.com
Thu Jan 14 19:20:26 AEDT 2016

The intent of this option is similar to "tls-auth" in openvpn[1]: To
refuse to talk to anyone who doesn't know the shared secret.

You could compare this to port knocking, in that it solves a similar

This also prevents RST attacks from killing an existing connection,
even when attacker can sniff sequence numbers.

This feature doesn't work through NAT, since the source and
destination are signed. As IPv6 becomes more and more prevalent it'll
become possible to use this in more and more deployments.

The socket option is enabled *after* connection establishment, thus
doesn't protect against SYN floods. This is because server doesn't
know (in userspace) what the address of the peer is until they
connect. Again because signed addresses.

Setting up:
* Add "TCPMD5 foorbarSecret" to sshd_config
* SSH with "-oTCPMD5=foobarSecret"

Patch attached, but it's an ugly patch for 7.1p. I didn't want to put
too much effort into cleaning up and documenting everything if the
concept itself would rejected outright.

It needs formatting, portability, apply to CVS HEAD, and include file
changes at
least. But it works on Linux as is.

Everything signed from fourth packet:

16:32:40.902764 IP > Flags [S], seq
2342692369, win 43690, options [mss 65495,sackOK,TS val 51101999 ecr
0,nop,wscale 7], length 0

16:32:40.902777 IP > Flags [S.], seq
514139093, ack 2342692370, win 43690, options [mss 65495,sackOK,TS val
51101999 ecr 51101999,nop,wscale 7], length 0

16:32:40.902789 IP > Flags [.], ack 1, win
342, options [nop,nop,TS val 51101999 ecr 51101999], length 0

16:32:40.903480 IP > Flags [P.], seq 1:22,
ack 1, win 342, options [nop,nop,md5shared secret not supplied with -M,
can't check - 2daa171c0c342b041da3cb79ecd1d11b,nop,nop,TS val 51101999 ecr
51101999], length 21

So, how about it? Worth cleaning up?

[1] https://community.openvpn.net/openvpn/wiki/Hardening#Useof--tls-auth

☢ Thomas ☢
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-working.patch
Type: text/x-patch
Size: 8882 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20160114/e8f5a553/attachment-0001.bin>

More information about the openssh-unix-dev mailing list