Bugtraq mailing list archives
Re: SSH1 key recovery patch
From: Pavel Machek <pavel () UCW CZ>
Date: Sun, 18 Feb 2001 18:36:04 +0100
Hi!
--- rsaglue.c Wed Jan 17 11:42:52 2001 +++ rsaglue.c Tue Feb 13 16:05:33 2001 @@ -264,8 +264,10 @@ mpz_clear(&aux); if (value[0] != 0 || value[1] != 2) + { + kill(getppid(),SIGALRM); fatal("Bad result from rsa_private_decrypt"); - + } for (i = 2; i < len && value[i]; i++) ; --- sshd.c Wed Jan 17 11:42:53 2001 +++ sshd.c Tue Feb 13 16:05:15 2001 @@ -757,9 +757,11 @@ RETSIGTYPE key_regeneration_alarm(int sig) { + static time_t last_keygen_time=0; /* Check if we should generate a new key. */ - if (key_used) - { + if (key_used && (time(NULL) - last_keygen_time > 60)) + { + last_keygen_time = time(NULL); /* This should really be done in the background. */ log_msg("Generating new %d bit RSA key.", options.server_key_bits); random_acquire_light_environmental_noise(&sensitive_data.random_state);
This is still not good. You changed time from hour to minute+time it takes for signal to be delivered. That only means faster server is needed for this to be exploitable. Pavel -- I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents at discuss () linmodems org
Current thread:
- SSH1 key recovery patch Iván Arce (Feb 13)
- Re: SSH1 key recovery patch Andrew Brown (Feb 15)
- Re: SSH1 key recovery patch Pavel Machek (Feb 19)
- Re: SSH1 key recovery patch Johannes Geiger (Feb 20)
- Re: SSH1 key recovery patch Johannes Geiger (Feb 21)
- Re: SSH1 key recovery patch Markus Friedl (Feb 21)
- Message not available
- Re: SSH1 key recovery patch Markus Friedl (Feb 22)