http://www.metafilter.com/tags/ssh Posts tagged with 'ssh' at MetaFilter. Fri, 16 May 2008 22:01:42 -0800 Fri, 16 May 2008 22:01:42 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://www.metafilter.com/71730/15%2Dbits%2Dof%2Dcrypto%2Dshould%2Dbe%2Denough%2Dfor%2Danybody On May 13, security advisories published by <a href="http://lists.debian.org/debian-security-announce/2008/msg00152.html">Debian</a> and <a href="http://www.ubuntu.com/usn/usn-612-1">Ubuntu</a> revealed that, for over a year, their OpenSSL libraries have had a major flaw in their <a href="http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator" title="Wikipedia: Cryptographically secure pseudorandom number generator">CSPRNG</a>, which is used by <a href="http://en.wikipedia.org/wiki/Key_generation" title="Wikipedia: Key generation">key generation</a> functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. <small>[<a href="http://blog.rominet.net/2008/05/debianopenssl-debacle.html">lolcat summary</a>]</small> How bad is it? It's <a href="http://www.debian.org/security/key-rollover/">pretty</a> <a href="http://wiki.debian.org/SSLkeys">bad</a>. Understand that these keys are used not only for encryption, but also for authentication. The keyspace has been reduced to a mere 32,768 possibilities, and you can already <a href="http://metasploit.com/users/hdm/tools/debian-openssl/">download them all</a>, along with tools to use them. Worse still, in the days <em>before</em> the issue became publicly known, there was a <a href="http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=207603339">noticeable</a> <a href="http://stats.denyhosts.net/stats.html">spike</a> in the number of brute-force attacks on SSH servers, indicating that there has already been significant exploitation of this vulnerability. Partial timeline of events: In May 2006, <a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516">a bug</a> led to <a href="http://thread.gmane.org/gmane.comp.encryption.openssl.devel/10917">a question</a> which led to <a href="http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&r1=140&r2=141">the fateful patch</a> being applied to <a href="http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=markup">md_rand.c</a> (in Debian's "unstable" development branch). In April 2007, Debian 4.0 "etch" and Ubuntu 7.04 were both released, which was the beginning of the inclusion of the buggy version of OpenSSL in officially-released distributions. The bug remained unfixed through the releases of Ubuntu 7.10 and 8.04. On May 7, 2008, the <a href="http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/crypto/rand/md_rand.c?rev=300&view=diff&r1=300&r2=299">patch to fix the problem</a> was committed to Debian's source repository, and on May 13 the issue was officially disclosed and updated packages were made available to users. (The patch's availability days before public disclosure of the bug appears to be a violation of <a href="http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-bug-security-confidentiality">Debian's policy</a>.) <a href="http://blog.drinsama.de/erich/en/linux/2008051401-debian-openssl-desaster.html">Here</a> <a href="http://blog.drinsama.de/erich/en/linux/2008051401-consequences-of-sslssh-weakness.html">are</a> <a href="http://changelog.complete.org/posts/714-Thoughtfulness-on-the-OpenSSL-bug.html">some</a> <a href="http://www.aigarius.com/blog/2008/05/14/too-similar-to-be-different/">responses</a> <a href="http://algebraicthunk.net/~dburrows/blog/entry/worst-ever/">from</a> <a href="http://www.advogato.org/person/branden/diary/5.html">Debian</a> <a href="http://blog.steve.org.uk/i_still_don_t_know_why_i_m_here.html">blogs</a>, and <a href="http://www.links.org/?p=327">two</a> <a href="http://www.links.org/?p=328">from</a> an OpenSSL developer. tag:metafilter.com,2008:site.71730 Fri, 16 May 2008 22:01:42 -0800 crypto cryptography debian internet linux math numbers owie prng probability random security ssh ssl ubuntu finite http://www.metafilter.com/432/ <a href="http://www.cri.cz/kra/index.html">a good reason to dump telnet for</a> <a href='http://staff.washington.edu/dittrich/misc/ssh/'>ssh:</a> The main goal of the <a href='ftp://ftp.gncz.cz/pub/linux/hunt/hunt-1.4bin.tgz'>HUNT</a> project is to develop tool for exploiting well known weaknesses in the TCP/IP protocol suite. <a href='http://www.cri.cz/kra/index.html'>I tried to implement</a> some 'new' features which I didn't see in any free product. (connection synchronization after attack, ARP relayer, ...) tag:metafilter.com,1999:site.432 Mon, 20 Dec 1999 20:25:00 -0800 HUNT security ssh tcp-ip telnet greyscale