Re: OpenSSH & S/Key information leakage

From: Robert Bihlmeyer (robbe@orcus.priv.at)
Date: 11/16/01


To: flaps@dgp.toronto.edu (Alan J Rosenthal)
Subject: Re: OpenSSH & S/Key information leakage
From: Robert Bihlmeyer <robbe@orcus.priv.at>
Date: 16 Nov 2001 11:31:17 +0100
Message-ID: <87r8qz57nu.fsf@orcus.priv.at>


flaps@dgp.toronto.edu (Alan J Rosenthal) writes:
[quote reordered & trimmed]

> A login prompt for a non-account looks like this:
>
> login: flomp
> otp-md5 175 at2078 ext
> Response:
>
> So far, so good. But press return once or twice to get "Login incorrect"
> (or make a new connection), and then do
>
> login: flomp
> otp-md5 220 at0624 ext
> Response:

Oops.

But if a system mandated a common seed for all accounts (one that changes
regularly) all login attempts will show that. For the sequence number, the
fake response could use a number that is dependent on the login name and
the seed, e.g. the lower bits of MD5(login + seed + host-secret).

Would using the same seed for all (real) accounts lose us security? My
intuition is no, but this needs to be thought over more.

> If OPIE didn't tell you the password number, for example, it would be quite
> hard to use.

You can keep the last used number on a slip of paper in your wallet
(according to one's threat model and set-up keeping the OTPs there as
well may be appropriate).

Logged-in users can query their seq#, if they are in doubt. The login
process can also tell you the current number if you try to use an
older OTP. This does not affect security, because an attacker that
knows an older OTP obviously has snooped on a previous successful
login attempt and thus knows that this account exists.

-- 
Robbe

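The defence sketched in the post (one site-wide seed, plus a fake sequence number derived from the login name, the seed and a host secret) as an added example. This is illustrative code written for this archive page, not OpenSSH's or OPIE's own code. The account table, the host secret, the sequence-number range and the function names are all constructed for the example; the MD5 construction follows the post's wording literally.

```python
import hashlib
import random

# Constructed sample OTP state for two existing accounts (not data from the post).
# Both accounts share the site-wide seed, as the post suggests.
COMMON_SEED = "at2078"
OTP_DB = {
    "alice": {"seq": 175, "seed": COMMON_SEED},
    "bob": {"seq": 92, "seed": COMMON_SEED},
}
# Hypothetical per-host secret; a real deployment generates and protects its own.
HOST_SECRET = b"constructed-example-host-secret"

# Assumed range of sequence numbers a live account might plausibly be at.
SEQ_LO, SEQ_HI = 10, 500


def naive_challenge(login):
    """Leaky behaviour described in the post: an unknown login gets a fresh,
    random challenge on every attempt, so a sequence number or seed that
    changes between two attempts reveals that the account does not exist."""
    if login in OTP_DB:
        entry = OTP_DB[login]
        return f"otp-md5 {entry['seq']} {entry['seed']} ext"
    seq = random.randint(SEQ_LO, SEQ_HI - 1)
    seed = "at%04d" % random.randint(0, 9999)
    return f"otp-md5 {seq} {seed} ext"


def fake_sequence(login, seed, host_secret=HOST_SECRET):
    """Sequence number for a non-existent account, derived as the post proposes:
    the low bits of MD5(login + seed + host-secret), folded into SEQ_LO..SEQ_HI-1.
    The same login always maps to the same number while the seed is unchanged."""
    digest = hashlib.md5(login.encode() + seed.encode() + host_secret).digest()
    low_bits = int.from_bytes(digest[-2:], "big")   # last 16 bits of the digest
    return SEQ_LO + low_bits % (SEQ_HI - SEQ_LO)


def hardened_challenge(login):
    """Every login, real or not, is shown the common seed; a non-existent login
    gets a stable, name-dependent sequence number, so repeated attempts for
    the same name look alike and cannot be told apart from a real account
    by the shape of the prompt."""
    if login in OTP_DB:
        seq = OTP_DB[login]["seq"]
    else:
        seq = fake_sequence(login, COMMON_SEED)
    return f"otp-md5 {seq} {COMMON_SEED} ext"


if __name__ == "__main__":
    # Two attempts for the unknown login "flomp" now print identical prompts.
    for name in ("alice", "flomp", "flomp"):
        print(f"login: {name}\n{hardened_challenge(name)}\nResponse:")
```

One residual difference remains even with this scheme: a real account's sequence number decrements after each successful login, while the derived number for a non-existent login only changes when the seed is rotated. Rotating the seed regularly, as the post suggests, narrows the window in which that difference is observable; the open question at the end of the post (whether a shared seed costs anything) is not answered by the code.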