Bugtraq mailing list archives
Re: SSH Protocol Trick
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Tue, 23 Jul 2002 22:46:48 +0200
auto458545 () hushmail com wrote:
> It is servers which advertise this compatibility mode of 1.99 which are vulnerable to the attack. Servers in compatibility mode have both protocols 1 and 2 enabled.
Just pointing out a small mistake here: running servers in compatibility mode is NOT what causes the problem, and the reverse is also true: running a server in forced v1 or v2 mode doesn't help.

If you want a "workaround", it'd be forcing all your SSH clients to use a specific SSH version, but that's seldom a viable alternative.

Then again, the best solution is probably educating all your users to always verify host fingerprints (hahahaha) or forcing public key auth instead of password auth (usually more viable) in your servers. People are more likely to notice "public key auth failed" rather than the old "new host key" message.

-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50 WWW: http://www.clavister.com
"It's July. I'm on vacation. Can't you tell? :)"
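The two client-side defences raised in this reply (pinning the client to one protocol version, and verifying the host fingerprint instead of accepting a "new host key" prompt) can both be expressed as simple policy checks on what the server presents at connection time. The example below is added here and is not code from the thread or from any SSH implementation; the banner strings and fingerprints are constructed for illustration. It parses an SSH identification string (the `SSH-1.99-...` form the quoted message refers to), works out which major versions the server offers, and then applies a forced-version policy that refuses to fall back, plus a pinned-fingerprint check that treats an unknown or changed host key as a hard failure rather than a prompt.

```python
import re

# Identification strings constructed for illustration (not captured from real hosts).
BANNERS = {
    "v1_only": "SSH-1.5-OpenSSH_2.9",
    "compat":  "SSH-1.99-OpenSSH_3.4p1",      # server speaks both 1 and 2
    "v2_only": "SSH-2.0-OpenSSH_3.4p1 Debian",
}

# Constructed host-key fingerprints for a hypothetical pinned-hosts table.
PINNED_HOSTS = {
    "shell.example.org": "ab:cd:ef:00:11:22:33:44:55:66:77:88:99:aa:bb:cc",
}

BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>\S+)(?: (?P<comment>.*))?$"
)


def parse_banner(line):
    """Split 'SSH-<protoversion>-<softwareversion> [comment]' into its parts."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.group("proto"), m.group("software")


def server_offers(proto):
    """Major protocol versions the server is willing to speak.

    '1.99' is the compatibility marker: the server accepts both 1 and 2.
    Any other value is taken as its major number only.
    """
    if proto == "1.99":
        return {1, 2}
    return {int(proto.split(".")[0])}


def negotiate(banner, forced_version=None, allow_v1=True):
    """Pick the protocol version the client will use, or None to abort.

    With forced_version set, the client never falls back: if the server
    (or whatever is answering on the wire) does not offer that exact
    version, the connection is refused. Without it, a permissive client
    prefers 2 and drops to 1 when allow_v1 is True, which is the
    behaviour the thread's workaround is trying to remove.
    """
    proto, _software = parse_banner(banner)
    offered = server_offers(proto)
    if forced_version is not None:
        return forced_version if forced_version in offered else None
    if 2 in offered:
        return 2
    if 1 in offered and allow_v1:
        return 1
    return None


def check_host_key(host, presented_fp, pinned=PINNED_HOSTS):
    """Classify the presented host-key fingerprint against a pinned table.

    Returns 'ok' only when the fingerprint matches the pin. 'unknown' and
    'changed' are both failures for a strict client; neither should be
    turned into a yes/no prompt that users click through.
    """
    expected = pinned.get(host)
    if expected is None:
        return "unknown"
    return "ok" if expected.lower() == presented_fp.lower() else "changed"


def connect_decision(host, banner, presented_fp, forced_version=2):
    """Combine both checks into one accept/refuse decision with a reason."""
    version = negotiate(banner, forced_version=forced_version)
    if version is None:
        return False, "server does not offer protocol %d" % forced_version
    status = check_host_key(host, presented_fp)
    if status != "ok":
        return False, "host key %s" % status
    return True, "protocol %d, host key pinned" % version


if __name__ == "__main__":
    for name, banner in BANNERS.items():
        print(name, banner, "->", negotiate(banner, forced_version=2))
    print(connect_decision("shell.example.org", BANNERS["compat"],
                           PINNED_HOSTS["shell.example.org"]))
```

The point the reply makes shows up in `negotiate`: the `compat` banner (1.99) is accepted by a client forced to version 2 just as a 2.0 banner is, so the server's compatibility mode is not what decides the outcome; what matters is whether the client is willing to drop to 1 when that is all it is offered. Real clients express the same policy with `Protocol 2` (on versions that still implement v1) and `StrictHostKeyChecking yes` in `ssh_config`, and the server-side counterpart of the reply's other suggestion is `PasswordAuthentication no` with `PubkeyAuthentication yes` in `sshd_config`.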
Current thread:
- SSH Protocol Trick auto458545 (Jul 22)
- Re: SSH Protocol Trick H D Moore (Jul 22)
- Re: SSH Protocol Trick stealth (Jul 23)
- Message not available
- Re: SSH Protocol Trick stealth (Jul 23)
- Message not available
- Re: SSH Protocol Trick Mikael Olsson (Jul 23)
- Re: SSH Protocol Trick Markus Friedl (Jul 25)