Re: Apache Software Foundation Server compromised, resecured. (fwd)

From: Kris Kennaway (kris@obsecurity.org)
Date: 06/01/01


Date: Thu, 31 May 2001 18:37:32 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Crist Clark <crist.clark@globalstar.com>


On Thu, May 31, 2001 at 05:54:49PM -0700, Crist Clark wrote:

> *sigh*
>
> You cannot 'record passphrases.' RSA authentication uses public key
> cryptography. The client, the person logging in, proves it knows a
> secret, the private key, without ever revealing it to the server who
> only knows the public key.

The ssh client on the sourceforge machine was trojaned; when the user
entered their private key passphrase on the compromised machine (in
order for the client to decrypt the private key and then perform the
RSA handshake with the server), it stored a copy. Once you have access
to that credential you can use it to impersonate that user to other
systems which trust it.

> The use of public key crypto allows you to log into potentially
> untrusted servers without revealing your secret.

But if you log in FROM an untrusted system using SSH and an
authentication protocol which uses a persistent credential token on
the client side (e.g. UNIX passphrase, RSA key, but not e.g. OPIE)
then all bets are off because you must give the malicious client
access to that credential in order for it to authenticate on your
behalf.

Kris
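The distinction Kris draws above (a persistent credential such as a passphrase or RSA key versus a one-time scheme like OPIE) can be shown with a small model. This is an added illustration, not code from the thread or from OPIE itself; it follows the S/KEY-style hash chain that OPIE implements, simplified to SHA-256 with constructed sample values and no seed handling.

```python
import hashlib

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def otp_response(secret: bytes, count: int) -> bytes:
    """The client's one-time response: the secret hashed `count` times."""
    value = secret
    for _ in range(count):
        value = _h(value)
    return value

class OtpServer:
    """Keeps only the last accepted response; never holds the secret."""
    def __init__(self, secret: bytes, start: int):
        self.last = otp_response(secret, start)   # h^start(secret)
        self.count = start

    def login(self, response: bytes) -> bool:
        # Valid only if hashing the response once yields the stored value.
        if self.count > 0 and _h(response) == self.last:
            self.last = response      # chain moves one step back
            self.count -= 1
            return True
        return False

class StaticServer:
    """Static passphrase: stores a hash, accepts the same secret forever."""
    def __init__(self, passphrase: bytes):
        self.stored = _h(passphrase)

    def login(self, passphrase: bytes) -> bool:
        return _h(passphrase) == self.stored

def demo() -> dict:
    # Constructed sample values; real OPIE derives the secret from a seed.
    secret, passphrase, start = b"demo-otp-secret", b"demo-passphrase", 100
    otp, static = OtpServer(secret, start), StaticServer(passphrase)
    # A trojaned client records exactly what the user sent at this login.
    captured_otp = otp_response(secret, start - 1)
    user_ok = otp.login(captured_otp) and static.login(passphrase)
    return {
        "user_login": user_ok,
        "otp_replay": otp.login(captured_otp),          # stale value rejected
        "static_replay": static.login(passphrase),      # works indefinitely
        "next_otp_still_works": otp.login(otp_response(secret, start - 2)),
    }

if __name__ == "__main__":
    print(demo())
```

The captured one-time response is useless after the genuine login because the server now expects the previous link of the chain, which cannot be computed from the captured value; the static passphrase replays for as long as it stays unchanged. Note that this only covers replay of a recorded credential: a trojaned client can still misuse the session it is authenticating in real time.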



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message