Bugtraq mailing list archives

Re: SSH1 key recovery patch


From: Pavel Machek <pavel () UCW CZ>
Date: Sun, 18 Feb 2001 18:36:04 +0100

Hi!

 --- rsaglue.c   Wed Jan 17 11:42:52 2001
+++ rsaglue.c   Tue Feb 13 16:05:33 2001
@@ -264,8 +264,10 @@
   mpz_clear(&aux);

   if (value[0] != 0 || value[1] != 2)
+  {
+    kill(getppid(),SIGALRM);
     fatal("Bad result from rsa_private_decrypt");
-
+  }
   for (i = 2; i < len && value[i]; i++)
     ;

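Review bot: the kill(getppid(),SIGALRM) added before fatal() is unconditional and its return value is unchecked, so it signals whatever the parent process happens to be. Nothing in this hunk establishes that the caller is a forked child of the listening sshd. If rsa_private_decrypt can be reached from any other process, the parent receives a SIGALRM it may not handle, and the default action for SIGALRM is to terminate the process. Suggest guarding the call so it only runs in the server's per-connection child, adding a comment saying that the signal is meant to trigger key_regeneration_alarm in the parent, and confirming that rsaglue.c includes the headers that declare kill() and SIGALRM.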
--- sshd.c      Wed Jan 17 11:42:53 2001
+++ sshd.c      Tue Feb 13 16:05:15 2001
@@ -757,9 +757,11 @@

 RETSIGTYPE key_regeneration_alarm(int sig)
 {
+  static time_t last_keygen_time=0;
   /* Check if we should generate a new key. */
-  if (key_used)
-    {
+  if (key_used &&  (time(NULL) - last_keygen_time > 60))
+   {
+      last_keygen_time = time(NULL);
       /* This should really be done in the background. */
       log_msg("Generating new %d bit RSA key.", options.server_key_bits);

random_acquire_light_environmental_noise(&sensitive_data.random_state);
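Review bot: the new condition time(NULL) - last_keygen_time > 60 puts a 60-second floor between regenerations, so an alarm that arrives inside that window returns without replacing a key that is already marked key_used. That window needs a justification in a comment, and the bare 60 should be a named constant. The comparison also uses wall-clock time: if the clock is stepped backwards, the difference goes negative and regeneration is skipped until the clock catches up, so a negative difference should be treated as expired. time(NULL) is also called twice; read it once into a local and use that value for both the test and the assignment to last_keygen_time.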

This is still not good.

You changed the time from an hour to a minute + the time it takes for the
signal to be delivered. That only means a faster server is needed for this
to be exploitable.
                                                                Pavel
--
I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss () linmodems org

