No subject
Thu Mar 18 17:34:04 MDT 2010
[Chapter 3: Inside SSH, p53]
<http://www.ssh.com/documents/28/sshtdg2_ch03.pdf>
"The draft also defines the none cipher, meaning no encryption is to
be applied. While there are legitimate reasons for wanting such a
connection (including debugging!), some SSH implementations do not
support it, at least in their default configuration. Often, recompiling
the software from source with different flags, or hacking the code
itself, is needed to turn on support for none encryption.* The reason
is that it's deemed just too dangerous. If a user can easily turn off
encryption, so can an attacker who gains access to a user's account,
even briefly. Imagine surreptitiously adding this to an OpenSSH user's
client configuration file, ~/.ssh/config:

    # OpenSSH
    Host *
      Ciphers none

or simply replacing the ssh program on a compromised machine with one
that uses the none cipher, and issues no warnings about it. Bingo! All
the user's SSH sessions become transparent, until he notices the change
(if ever). If the client doesn't support none, then this simple config
file hack won't work; if the server doesn't, then the client-side Trojan
horse won't work, either."
--
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA
sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
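
A defender-side check for the config tampering the quoted passage describes, as an added example that is not part of the original post or the book. It scans ssh_config text for any Ciphers line that permits none; the sample config and the function names are constructed for illustration.

```python
import re

# Constructed sample of a tampered ~/.ssh/config (not from a real system).
SAMPLE_CONFIG = """\
# personal settings
Host build
    Ciphers aes256-ctr,aes128-ctr

Host *
    ciphers = aes128-ctr,none
"""

def parse_line(line):
    """Split one ssh_config line into (keyword, value); None for blanks/comments."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    # Keyword and argument are separated by whitespace or by a single '='.
    m = re.match(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$", line)
    if not m:
        return None
    return m.group(1).lower(), m.group(2).strip().strip('"')

def find_none_cipher(config_text):
    """Return (line_no, scope, value) for each Ciphers line that allows 'none'."""
    findings = []
    scope = "(global)"  # options before any Host/Match block apply to all hosts
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        parsed = parse_line(raw)
        if parsed is None:
            continue
        keyword, value = parsed
        if keyword in ("host", "match"):
            scope = f"{keyword} {value}"
        elif keyword == "ciphers":
            if value.startswith("-"):  # a '-' list only removes ciphers
                continue
            # Drop a leading + or ^ list modifier, then split the list.
            names = [c.strip().lower() for c in value.lstrip("+^").split(",")]
            if "none" in names:
                findings.append((line_no, scope, value))
    return findings

if __name__ == "__main__":
    for line_no, scope, value in find_none_cipher(SAMPLE_CONFIG):
        print(f"line {line_no} [{scope}]: Ciphers {value}")
```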