No subject


Thu Mar 18 17:34:04 MDT 2010


[Chapter 3: Inside SSH, p53]
<http://www.ssh.com/documents/28/sshtdg2_ch03.pdf>

"The draft also defines the “none” cipher, meaning no encryption is to
be applied. While there are legitimate reasons for wanting such a
connection (including debugging!), some SSH implementations do not
support it, at least in their default configuration. Often, recompiling
the software from source with different flags, or hacking the code
itself, is needed to turn on support for “none” encryption.* The reason
is that it’s deemed just too dangerous. If a user can easily turn off
encryption, so can an attacker who gains access to a user’s account,
even briefly. Imagine surreptitiously adding this to an OpenSSH user’s
client configuration file, ~/.ssh/config:

# OpenSSH
Host *
  Ciphers none

or simply replacing the ssh program on a compromised machine with one
that uses the “none” cipher, and issues no warnings about it. Bingo! All
the user’s SSH sessions become transparent, until he notices the change
(if ever). If the client doesn’t support “none,” then this simple config
file hack won’t work; if the server doesn’t, then the client-side Trojan
horse won’t work, either."


-- 
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA

sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
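
A defender-side check for the config change the quoted passage describes, as an added example that is not part of the original post or the book: it scans OpenSSH client configuration text for a Ciphers directive that enables "none" and reports the Host/Match block it sits in. The function name and the sample config are constructed for illustration; the parsing assumes OpenSSH's ssh_config syntax (case-insensitive keywords, optional "=", and the "+", "^" and "-" list prefixes).

```python
import re
import shlex

# Constructed sample input, not taken from a real host.
SAMPLE_CONFIG = """\
# OpenSSH
Host *
  Ciphers none

Host build
  ciphers=aes256-ctr,none
Host safe
  Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
  # Ciphers none
Host legacy
  Ciphers "-none"
"""

def find_none_cipher(config_text):
    """Return (line_no, scope, directive) for each Ciphers line enabling 'none'."""
    findings = []
    scope = "(global)"  # directives before the first Host/Match apply everywhere
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments cannot change behaviour
        # Keyword and arguments are separated by whitespace and/or a single '='.
        m = re.match(r"([A-Za-z]+)\s*=?\s*(.*)$", line)
        if not m:
            continue
        keyword, rest = m.group(1).lower(), m.group(2)
        if keyword in ("host", "match"):
            scope = f"{m.group(1)} {rest}"
            continue
        if keyword != "ciphers":
            continue
        try:
            args = shlex.split(rest)  # arguments may be double-quoted
        except ValueError:
            args = rest.split()
        if not args or args[0].startswith("-"):
            continue  # a '-' prefix removes ciphers from the default set
        names = args[0].lstrip("+^").split(",")  # '+' appends, '^' prepends
        if "none" in (n.strip() for n in names):
            findings.append((line_no, scope, line))
    return findings

if __name__ == "__main__":
    for line_no, scope, directive in find_none_cipher(SAMPLE_CONFIG):
        print(f"line {line_no} [{scope}]: {directive}")
```

Run it over ~/.ssh/config and the system-wide ssh_config; it does not follow Include directives, so included files need to be passed in separately.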

