[clug] secure remote access method

Daniel Pittman daniel at rimspace.net
Fri Jun 19 12:34:31 GMT 2009


Hugh Fisher <hugh.fisher at anu.edu.au> writes:
> Daniel Pittman wrote:
>
>> After all, you would be extremely hard pressed to find a more security
>> focused group of software maintainers than the core secure login technology
>> of the OpenBSD project, who have as their key selling point that they are
>> secure.
>
> That had been my impression, but I was beginning to doubt it. I know it's not
> what was intended, but the responses gave me the impression that running out
> of the box ssh on your system was almost criminally irresponsible and little
> better than having account name: root password: root

Ah, well.  The problem that people are talking about here is a *social*
problem, not a technical one: weak passwords, essentially.

Because it is a social problem you /can't/ solve the general case with a
technical solution, because people will work around it.

Heck, recently a group of very, very technical people I was around had a
discussion about a password system that required a password change every week,
no reuse for 128 passwords[1], minimum length above 20 characters, characters
from all the standard classes[2], no dictionary words, and no more than three
characters in sequence from any one class.

Which was *still* vulnerable to a fairly trivial "rotate the number" guessable
sequence of passwords, and which still left plenty of other risks.


You just /can't/ solve the general case at a technical level, because people
will work around the cumbersome system to fix it.  You can, of course, for a
limited environment.


Anyway, finally, if I wanted to provide an "open the firewall after login"
mechanism I would probably run something over HTTPS that took a username and
password.

That can be custom enough to make generic brute force attacks hard[3], and
runs on a system where I can detect attacks and lock out the attacker quickly.

Regards,
        Daniel

Footnotes: 
[1]  In other words, more or less forever.

[2]  Alphabetical, numeric, symbols.  I think they had something else too, but
     I can't recall what.  Oh, well.

[3]  In this case, the URL and HTML-form namespace is large enough that you
     can quite reasonably count on obscurity to be a useful component of the
     defence for some time yet.
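The "rotate the number" point above is easy to see in code. The following is an added example, not code from the original post or from the policy Daniel describes: it enforces the rules as the message states them (weekly change, no reuse within 128, length above 20, all character classes, no dictionary words, no more than three consecutive characters from one class), then simulates a user who keeps a fixed stem and bumps a trailing counter each week. The stem, the tiny word list and the class definitions are constructed assumptions.

```python
"""Added example (not from the original post): the password policy described in
the message, and a 'rotate the number' sequence that satisfies every rule."""
import re
import string

# Policy parameters as the post describes them.
MIN_LENGTH = 21            # "minimum length above 20 characters"
HISTORY_DEPTH = 128        # "no reuse for 128 passwords"
MAX_RUN_PER_CLASS = 3      # "no more than three characters in sequence from any one class"

# Constructed stand-in for a real dictionary check.
DICTIONARY = {"password", "secret", "canberra", "linux", "admin"}

# Constructed character classes ("alphabetical, numeric, symbols").
CLASSES = {
    "alpha": set(string.ascii_letters),
    "digit": set(string.digits),
    "symbol": set(string.punctuation),
}


def char_class(c):
    for name, members in CLASSES.items():
        if c in members:
            return name
    return "other"


def policy_violations(candidate, history):
    """Return the names of the rules the candidate breaks; [] means accepted."""
    violations = []
    if len(candidate) < MIN_LENGTH:
        violations.append("length")
    if not set(CLASSES) <= {char_class(c) for c in candidate}:
        violations.append("classes")
    lowered = candidate.lower()
    if any(word in lowered for word in DICTIONARY):
        violations.append("dictionary")
    # Longest run of consecutive characters drawn from a single class.
    run = longest = 0
    prev = None
    for c in candidate:
        cls = char_class(c)
        run = run + 1 if cls == prev else 1
        longest = max(longest, run)
        prev = cls
    if longest > MAX_RUN_PER_CLASS:
        violations.append("class_run")
    if candidate in history[-HISTORY_DEPTH:]:
        violations.append("reuse")
    return violations


# Constructed 20-character stem with classes interleaved so no run exceeds two.
BASE = "Xq1!Zr2@Kt3#Mw4$Pv5%"


def rotate_number(week):
    """The workaround people actually use: fixed stem, counter bumped each week."""
    return f"{BASE}{week}"


def weekly_changes(weeks):
    """Simulate forced weekly changes; return the accepted passwords.
    Raises if the policy ever rejects one, which it never does here."""
    history = []
    for week in range(weeks):
        candidate = rotate_number(week)
        bad = policy_violations(candidate, history)
        if bad:
            raise ValueError(f"week {week}: {candidate!r} rejected for {bad}")
        history.append(candidate)
    return history


def predict_next(known_password):
    """An attacker holding one leaked password guesses the next by bumping the counter."""
    m = re.match(r"^(.*?)(\d+)$", known_password)
    stem, counter = m.group(1), int(m.group(2))
    return f"{stem}{counter + 1}"


if __name__ == "__main__":
    accepted = weekly_changes(130)
    print(f"{len(accepted)} weekly passwords accepted, e.g. {accepted[0]!r}")
    print("next guess from week 57:", predict_next(accepted[57]) == accepted[58])
```

Every one of the 130 simulated passwords clears all five rules, and knowing any one of them gives the attacker the next with a single increment. The rules measure the password in isolation; the weakness is in the sequence, which is exactly where a technical policy has nothing to say.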


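For the "open the firewall after login" gate at the end of the message, the part worth getting right on the server is the one Daniel singles out: detecting guessing and locking the source out quickly. The following is an added example, not code from the original post or any real product: a credential check using PBKDF2 and a constant-time comparison, per-source failure counting over a sliding window, and a lockout that refuses even the correct password while it is active. The thresholds (5 failures in 60 seconds, 15-minute lockout), the user record, the source addresses and the firewall callback are all constructed assumptions; the callback is where a real deployment would insert its firewall rule.

```python
"""Added example (not from the original post): server side of an HTTPS
'open the firewall after login' gate with fast per-source lockout."""
import hashlib
import hmac
import secrets
import time
from collections import defaultdict, deque

# Assumed thresholds: lock a source after 5 failures within 60 s, for 15 minutes.
MAX_FAILURES = 5
WINDOW = 60.0
LOCKOUT = 900.0
PBKDF2_ITERATIONS = 100_000


def hash_password(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """Return (salt, digest) for storage, or recompute the digest for a given salt."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest


class LoginGate:
    def __init__(self, users, open_firewall):
        self.users = users                    # {username: (salt, digest)}
        self.open_firewall = open_firewall    # callback(source_ip, username)
        self.failures = defaultdict(deque)    # source_ip -> timestamps of recent failures
        self.locked_until = {}                # source_ip -> time the lockout ends
        # Dummy record so unknown usernames cost the same time as real ones.
        self._dummy = hash_password(secrets.token_hex(16))

    def _locked(self, source, now):
        return self.locked_until.get(source, 0.0) > now

    def _record_failure(self, source, now):
        q = self.failures[source]
        q.append(now)
        while q and now - q[0] > WINDOW:      # drop failures outside the window
            q.popleft()
        if len(q) >= MAX_FAILURES:
            self.locked_until[source] = now + LOCKOUT
            q.clear()
            return "locked"
        return "denied"

    def attempt(self, source, username, password, now=None):
        """Return 'allowed', 'denied' or 'locked'; open the firewall only on success."""
        now = time.time() if now is None else now
        if self._locked(source, now):
            return "locked"                   # no credential check at all while locked
        salt, stored = self.users.get(username, self._dummy)
        _, supplied = hash_password(password, salt)
        if username in self.users and hmac.compare_digest(supplied, stored):
            self.failures.pop(source, None)
            self.open_firewall(source, username)
            return "allowed"
        return self._record_failure(source, now)


def demo():
    """Constructed scenario: five guesses from one address, then two real logins."""
    opened = []
    users = {"hugh": hash_password("correct horse battery staple")}
    gate = LoginGate(users, lambda src, user: opened.append((src, user)))
    results = []
    for i in range(5):                        # attacker, 203.0.113.7, one guess a second
        results.append(gate.attempt("203.0.113.7", "hugh", f"guess{i}", now=10.0 + i))
    # The right password from the locked address is still refused.
    results.append(gate.attempt("203.0.113.7", "hugh", "correct horse battery staple", now=20.0))
    # The legitimate user from another address gets through and the rule is opened.
    results.append(gate.attempt("198.51.100.2", "hugh", "correct horse battery staple", now=21.0))
    return results, opened


if __name__ == "__main__":
    outcomes, rules = demo()
    print(outcomes)
    print("firewall opened for:", rules)
```

The fifth failure locks the address immediately rather than after some daily log review, and the lockout is keyed on the source rather than the account, so the attacker cannot lock the real user out of their own account from elsewhere. The "custom enough" argument from footnote [3] is left out deliberately; it buys time, but the lockout is what actually stops the guessing.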