Re: MORE SSH Hacking: heads-up

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I wrote:
> There were a series of papers some time ago -- one of them is at
> http://www.cs.virginia.edu/cs588/projects/reports/team4.pdf -- which
> claimed that it was possible to guess which keys a user presses by
> measuring the time between keystrokes.

Aaron Gaudio replied:
> I'm not privvy to the intricacies to the ssh authentication protocol, but
> why doesn't/can't the ssh client simply not send any of the password until
> the user presses Enter, thereby defeating this attack against an initial
> ssh authentication (presumably the ssh client knows when the server is
> asking for a password)?
I should have made this clearer: it does. At least when the connection is
first established. The problem is when the user is asked for passwords
later (e.g. su or sudo).

> As for other passwords, such as sent to sudo once
> the connection is established, the connection is encrypted, so it seems 
> unlikely the attack would work.

Although the connection is encrypted, the fact that one exists can be
deduced (an attacker, in the right place, can see all those encrypted
packets going backwards and forwards). He or she can even tell when
they go, and how big they are, and deduce some details about what
is happening (a screen refresh is a lot bigger than a single character
being displayed).

> And if all else fails, the ssh client could
> (maybe it already does) insert some artificial random delays into 
> transmissions coming from key entries.

For that to work, the client would have to recognise when the server
was asking for a password. That would mean deducing the intent of what
was displayed. OpenSSH clients don't interpret the display at all: they
just pass it on to the terminal. PuTTY, of course, has an integrated
terminal emulator, but it still only displays what is sent: it has
no notion of "su".

Alternatively, of course, you could just drop these delays into all
communication. To be effective, you'd need enough delays that it might
be noticable over a slow connection. I've got ssh users over such
slow connections, and I can tell you they'd not be happy about it.

A cleaner solution would be to invent an API and a terminfo code for
programs to request passwords from a terminal, and terminals that would
know to prompt for a password and not send anything until Return was
pressed. If you patched su, sudo and passwd to use such a thing, and
PuTTY and several of the Linux xterms to understand the codes, you could
probably get enough momentum for most other vendors to jump on board.

The fact that this hasn't happened should tell you something -- notably
that it is a highly theoretical weakness, and none of the professional
paranoids are sufficiently worried.

James.

-- 
E-mail address: james | "It has taken 24 years to get the Reichstag wrapped.
@westexe.demon.co.uk  | Chancellor Kohl said it would only be wrapped over
                      | his dead body, so sensing an opportunity the
                      | Bundestag outvoted him."  -- The Guardian



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux