Bugtraq mailing list archives
Re: "The End of SSL and SSH?"
From: Alfred Perlstein <bright () WINTELCOM NET>
Date: Wed, 20 Dec 2000 15:45:42 -0800
* Perry E. Metzger <perry () PIERMONT COM> [001220 15:05] wrote:
> Kurt Seifried in an article on SecurityPortal shrilly entitled "The End of SSL and SSH?" claims that SSH needs a PKI to be secure. The claim is that because people have built man-in-the-middle attack software (see http://www.monkey.org/~dugsong/dsniff/) that can intercept SSH sessions, SSH is insecure. After all, if a MITM attack happens, the user will be informed of this, and since the user can choose to ignore the warning that a host key has changed and log in, SSH must be fatally flawed. Without a PKI, Seifried claims, there is no way to know if a host key is authentic.
>
> This argument makes absolutely no sense to me. The problem is simply one of the user interface allowing a user to ignore a security failure. If a remote login utility using a PKI prompted the user with "host key is not certified, log in anyway?", it would be no better than SSH implementations. If a Kerberized remote login utility prompted a user with "remote key is incorrect, log in anyway", it too would be no better.
>
> If this is truly the extent of the flaw Mr. Seifried thinks requires a full PKI to fix, I'd like to know why setting StrictHostKeyChecking yes isn't a near-complete fix to the "End of SSH" Mr. Seifried predicts.
Yes, there's a summary here:
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=129878+0+current/freebsd-security

You can read Kurt's response to my initial complaint here:
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=133111+0+current/freebsd-security

And yes, his prediction is based on the stupidity and carelessness of users who are Pavlovian trained to click/reply "YES, I don't care about this problem" when confronted with a dialog box, no matter how dire the warning in the dialog. There's also no mention of using PGP or some other trusted mechanism to distribute the known server keys in the article.

But, hey, with things like NAPTHA making headlines, who said anyone wasn't entitled to their 15 minutes? :)

--
-Alfred Perlstein - [bright () wintelcom net|alfred () freebsd org]
"I have the heart of a child; I keep it in a jar on my desk."
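The thread's technical point is that a changed or unknown host key is only dangerous if the client lets the user wave it through: with a known_hosts file distributed over a trusted channel and a policy that refuses on mismatch, dsniff-style interception fails closed. The following is an added example, not code from either poster or from OpenSSH. It models OpenSSH's known_hosts lookup (plain and hashed `|1|salt|hmac` host fields, SHA256 fingerprints) and the decision that StrictHostKeyChecking governs, so the strict and permissive paths can be compared side by side. The host names, key blobs and known_hosts contents are constructed for the example and are not real SSH keys.

```python
"""Host-key verification policy modelled on OpenSSH's known_hosts handling.

Added example (not from the mailing-list post or from OpenSSH). Demonstrates
the difference between StrictHostKeyChecking yes (refuse on unknown host or
key mismatch) and the permissive mode in which the user may override the
warning. All keys, host names and known_hosts lines are constructed.
"""
import base64
import hashlib
import hmac
import os


def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of sha256(blob)."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def hashed_hostname(host: str, salt: bytes = None) -> str:
    """Build a HashKnownHosts-style host field: |1|base64(salt)|base64(hmac-sha1)."""
    if salt is None:
        salt = os.urandom(20)
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(mac).decode())


def host_matches(field: str, host: str) -> bool:
    """Match a known_hosts host field (comma-separated names or hashed form)."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        salt = base64.b64decode(salt_b64)
        mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")


def lookup(known_hosts: str, host: str, key_type: str):
    """Return the stored key blob for (host, key_type), or None if unknown.

    Lines beginning with '@' (@cert-authority, @revoked markers) are out of
    scope for this example and are skipped like comments.
    """
    for line in known_hosts.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("@"):
            continue
        parts = line.split()
        if len(parts) < 3:
            continue
        field, ktype, key_b64 = parts[0], parts[1], parts[2]
        if ktype == key_type and host_matches(field, host):
            return base64.b64decode(key_b64)
    return None


def verify_host_key(known_hosts, host, key_type, presented,
                    strict=True, user_says_yes=False):
    """Decide whether the connection may proceed. Returns (ok, reason).

    strict=True mirrors StrictHostKeyChecking yes: no prompt, no override.
    strict=False mirrors the 'ask' behaviour the thread criticises: the
    outcome depends on what the user answers.
    """
    stored = lookup(known_hosts, host, key_type)
    if stored is None:
        if strict:
            return False, "unknown host; refusing (StrictHostKeyChecking yes)"
        return user_says_yes, "unknown host; accepted on the user's say-so"
    if hmac.compare_digest(stored, presented):
        return True, "host key matches known_hosts (%s)" % fingerprint(stored)
    if strict:
        return False, "HOST KEY MISMATCH: possible man-in-the-middle; refusing"
    return user_says_yes, "HOST KEY MISMATCH: user was allowed to override"


# Constructed sample data (not real SSH keys; 32 pseudo-random bytes each).
GENUINE_KEY = hashlib.sha256(b"constructed: genuine host key blob").digest()
ATTACKER_KEY = hashlib.sha256(b"constructed: interceptor's key blob").digest()
FIXED_SALT = b"\x01" * 20  # fixed so the hashed entry is reproducible

KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts, assumed distributed out of band (e.g. PGP-signed)",
    "shell.example,10.0.0.5 ssh-ed25519 " + base64.b64encode(GENUINE_KEY).decode(),
    hashed_hostname("bastion.example", FIXED_SALT) + " ssh-ed25519 "
    + base64.b64encode(GENUINE_KEY).decode(),
])


if __name__ == "__main__":
    for strict in (True, False):
        print("strict=%s" % strict)
        print("  genuine :", verify_host_key(KNOWN_HOSTS, "shell.example", "ssh-ed25519", GENUINE_KEY, strict))
        print("  mitm    :", verify_host_key(KNOWN_HOSTS, "shell.example", "ssh-ed25519", ATTACKER_KEY, strict, user_says_yes=True))
        print("  unknown :", verify_host_key(KNOWN_HOSTS, "new.example", "ssh-ed25519", GENUINE_KEY, strict, user_says_yes=True))
```

Run it and compare the two halves of the output: with `strict=True` the interceptor's key and the unknown host are both refused regardless of what the user would have clicked, which is the behaviour the poster attributes to `StrictHostKeyChecking yes`; with `strict=False` the same events become a prompt, and the outcome is whatever the user answers. The hashed host field is included because a known_hosts file shipped out of band is often hashed, and the match must still work without the plaintext name.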
Current thread:
- Re: "The End of SSL and SSH?", (continued)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 19)
- Re: "The End of SSL and SSH?" Stefan Monnier (Dec 20)
- Re: "The End of SSL and SSH?" Brett Glass (Dec 20)
- Re: "The End of SSL and SSH?" Crispin Cowan (Dec 20)
- Re: "The End of SSL and SSH?" Ajax (Dec 20)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Damien Miller (Dec 21)
- Re: "The End of SSL and SSH?" Ryan Russell (Dec 21)
- Re: "The End of SSL and SSH?" Michael H. Warfield (Dec 20)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 21)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Samuele Giovanni Tonon (Dec 21)
- Re: "The End of SSL and SSH?" - mongo followup Kurt Seifried (Dec 24)
- Re: "The End of SSL and SSH?" Darren Reed (Dec 21)
- Re: "The End of SSL and SSH?" Klaus Moeller (Dec 22)