Re: On why debugging OpenSSH can be so hard



On Fri, Jul 04, 2008 at 08:57:41AM +0200, Tonnerre Lombard wrote:
> On Tue, 1 Jul 2008 16:02:46 -0400, Maurice Volaski wrote:
> > Fail quietly, indeed! It's not simply doing this under ordinary
> > operation, but even in debug operation, even under debug level 3. In
> > the perfect place where it can tell us quite informatively what's
> > about to go wrong--there is nothing!
> [...]
>
> Please bear in mind that in the world of cryptography, the difference
> between proper error messages and information disclosure
> vulnerabilities is narrow, or only a nuance.

This is a red herring. If the operator of the server is running the
SSH daemon in debug mode, how is not reporting the real error a
security risk? I understand and agree with your point, but it seems
not applicable to this case...

Now, Maurice didn't provide quite enough context... he didn't mention
whether the debug info was from the client or the server, and didn't
mention where the code snippet he posted came from. But if you
actually look at the snippet, it is clearly from sshd:

        /* Fail quietly if file does not exist */
        if (stat(file, &st) < 0) {
                /* Restore the privileged uid. */
                restore_uid();
                return 0;
        }
        /* Open the file containing the authorized keys. */
        f = fopen(file, "r");
        if (!f) {
                /* Restore the privileged uid. */
                restore_uid();
                return 0;
        }

If this is on the server, then again, the sysadmin running the server
in debug mode has every right to the information that the file is
missing, and adding debug messages won't expose anything to the remote
user. Debugging the problem without that info will indeed be
difficult.

This cannot possibly be construed as a security risk. It's just bad
programming.

--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
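The "fail quietly" pattern from the quoted sshd snippet, placed next to a variant that records why the file could not be used, as an added example that is not OpenSSH's code and not part of the original post. Assumptions: temporarily_use_uid() and restore_uid() are no-op stand-ins for sshd's privilege-switching helpers, debug_local() stands in for sshd's debug() channel and writes to a buffer only the server side can read, and every path and key line is constructed for the example.

```c
/*
 * Added example (not OpenSSH code): the "fail quietly" pattern from the
 * quoted sshd snippet beside a variant that records the reason locally.
 *
 * Assumptions: temporarily_use_uid()/restore_uid() are no-op stand-ins for
 * sshd's privilege helpers; debug_local() stands in for sshd's debug()
 * channel and writes to a buffer that only the server operator can read.
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

static void temporarily_use_uid(void) { /* stand-in: switch to the user's uid */ }
static void restore_uid(void)         { /* stand-in: back to the privileged uid */ }

/* Last server-side diagnostic. It is never part of any message sent to the
 * client; the client only ever observes the function's return value. */
static char last_debug[512];

static void debug_local(const char *what, const char *file, const char *why)
{
        snprintf(last_debug, sizeof last_debug, "%s(%s) failed: %s", what, file, why);
}

const char *last_debug_message(void)
{
        return last_debug;
}

/* The quoted pattern: any failure means "no authorized keys", leaving no
 * trace of whether the file is missing, unreadable, or something else. */
int key_file_usable_quiet(const char *file)
{
        struct stat st;
        FILE *f;

        temporarily_use_uid();
        /* Fail quietly if file does not exist */
        if (stat(file, &st) < 0) {
                restore_uid();
                return 0;
        }
        f = fopen(file, "r");
        if (!f) {
                restore_uid();
                return 0;
        }
        fclose(f);
        restore_uid();
        return 1;
}

/* Same control flow, same privilege handling and same return values as the
 * quiet version; the only difference is a local diagnostic on each failure. */
int key_file_usable_logged(const char *file)
{
        struct stat st;
        FILE *f;

        last_debug[0] = '\0';
        temporarily_use_uid();
        if (stat(file, &st) < 0) {
                debug_local("stat", file, strerror(errno));
                restore_uid();
                return 0;
        }
        f = fopen(file, "r");
        if (!f) {
                debug_local("fopen", file, strerror(errno));
                restore_uid();
                return 0;
        }
        fclose(f);
        restore_uid();
        return 1;
}

/* Writes a constructed one-line authorized_keys file so the "present" case
 * can be exercised without touching a real ~/.ssh; returns 1 on success. */
int create_example_keys_file(const char *path)
{
        FILE *f = fopen(path, "w");
        if (!f)
                return 0;
        fputs("ssh-rsa AAAA...constructed-placeholder-key... example@host\n", f);
        return fclose(f) == 0;
}

int main(void)
{
        const char *missing = "/nonexistent/.ssh/authorized_keys"; /* constructed path */
        const char *present = "example_authorized_keys";           /* constructed path */

        printf("quiet,  missing: %d (no reason recorded)\n", key_file_usable_quiet(missing));
        printf("logged, missing: %d -> %s\n", key_file_usable_logged(missing), last_debug_message());
        if (create_example_keys_file(present)) {
                printf("logged, present: %d\n", key_file_usable_logged(present));
                remove(present);
        }
        return 0;
}
```

Both functions return the same value for the same path, so whatever the caller sends to the client (publickey authentication simply fails) is unchanged; the strerror() text lands only in the local buffer that a debug-mode operator would read. The missing-file case distinguishes ENOENT from a file that exists but cannot be opened, which is exactly the information the quiet version throws away.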
