Re: Why does openssh protocol default to 2?
From: Crist J. Clark (cjclark@reflexnet.net)
Date: 02/18/01
- In reply to: Jan Conrad: "Re: Why does openssh protocol default to 2?"
- Next in thread: Jan Conrad: "Re: Why does openssh protocol default to 2?"
- Reply: Jan Conrad: "Re: Why does openssh protocol default to 2?"
Date: Sat, 17 Feb 2001 23:47:10 -0800
From: "Crist J. Clark" <cjclark@reflexnet.net>
To: Jan Conrad <conrad@th.physik.uni-bonn.de>
On Fri, Feb 16, 2001 at 03:49:04PM +0100, Jan Conrad wrote:
[snip]
> Don't you think in such an environment using SSH1 with
> RhostsRSAAuthentication would be reasonable (of course only if you *need*
> to provide users with an rsh like automatic login). Sure - you can be
> spoofed etc., the SSH connection could be attacked and whatnot but I would
> consider that to be harmless compared to the possibility to collect keys
> just by sniffing the net (and most people usually have keys without
> passphrases..).
Users can find a way to defeat most any system by choosing bad
passwords, sharing passwords, etc.
> I mean I just checked some University systems running ssh2 and ssh1 and I
> found really *lots* of keys in NFS mounted users homes... (sometimes 10%
> of the users had keys in their homes....)
>
> Maybe the conclusion is to put a warning into the manpages or into the
> default sshd_config saying something like 'be sure to switch
> xxxAuthentication off if you have NFS mounted homes'...
>
>
> What I would find reasonable is something like an .shosts mechanism for
> ssh2 or, better, but more complicated, having the keys themselves
> encrypted by some private key of the machine. Why should a user have
> access to a plain key?
OK, I am still not understanding why you believe SSH1 has advantages
over SSH2 when a user has NFS mounted home directories. The real
vulnerability to SSHx with NFS home directories is the threat that an
attacker may write to .ssh/authorized_keys*. If you can write to that
file, you can write to .shosts or .rhosts.
What attack is SSH2 vulnerable to which SSH1 is not?
-- 
Crist J. Clark
cjclark@alum.mit.edu
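
Added example (not part of the original message or of OpenSSH): a Python check for the condition the reply identifies, that whoever can write authorized_keys* can equally write .shosts or .rhosts. The names TRUST_PATTERNS, modifiable_by_others and audit_home are hypothetical, and the account owner is assumed to be the uid of the home directory.

```python
import stat
from pathlib import Path

# Files that grant login when present in a home directory: the
# authorized_keys* glob and the .shosts/.rhosts files named in the reply.
TRUST_PATTERNS = (".rhosts", ".shosts", ".ssh/authorized_keys*")


def modifiable_by_others(st, owner_uid):
    """Return a reason if anyone besides the owner or root can modify it."""
    if st.st_uid not in (0, owner_uid):
        return f"owned by uid {st.st_uid}"
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return f"mode {stat.S_IMODE(st.st_mode):04o} is group/world writable"
    return None


def audit_home(home):
    """Return (relative path, reason) findings for one home directory.

    Assumption: the home directory's own uid identifies the account owner.
    Only mode bits and ownership are checked; this cannot tell which
    clients the NFS server allows to write.
    """
    home = Path(home)
    owner = home.stat().st_uid
    findings = []
    # A writable home or .ssh directory lets someone create or replace the
    # trust files even if the files themselves are locked down or absent.
    for d in (home, home / ".ssh"):
        if d.is_dir():
            reason = modifiable_by_others(d.stat(), owner)
            if reason:
                findings.append((str(d.relative_to(home)), reason))
    for pattern in TRUST_PATTERNS:
        for f in sorted(home.glob(pattern)):
            st = f.lstat()
            if stat.S_ISLNK(st.st_mode):
                reason = "is a symlink; the target decides who can edit it"
            else:
                reason = modifiable_by_others(st, owner)
            if reason:
                findings.append((str(f.relative_to(home)), reason))
    return findings
```

Run audit_home over each entry under the NFS-exported home tree; an empty list means none of the trust files or their parent directories are group- or world-writable or owned by another non-root uid.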