[ILUG] Question about ssh
David Golden
david.golden at unison.ie
Fri Aug 3 12:24:02 IST 2007
On Friday 03 August 2007, Paul Barry wrote:
> David Golden wrote:
> > forth, but that would be INSANITY to use for stuff you might aspire
> > to keep secret or secure. Like, oh, ssh connection endpoint stuff)
>
> install opie-server
> and bring a few one-time passwords with you.
>
No.

That's why I said "endpoint" - That doesn't prevent injection attacks
given a subverted client acting as the endpoint.

OPIE stuff might be arguably useful if someone is watching you type on
an otherwise trusted machine. But if you can't trust the ssh binary or
the machine executing it, you're still screwed - the machine could
simply stop echoing for a bit and inject extra commands into the
connection you've helpfully just authorised it to open for you, lastly
injecting a clear command history. Attacker wouldn't even need to
subvert the ssh client. Just the machine's local GUI I/O layer. You'd
probably just interpret the pauses as network glitches, and corruption
of the history as another glitch (though that should at least make you
suspicious).

Would it be worth the bother for most modern attackers given there are
countless Windows machines out there basically for the taking if you
want a zombie? Probably not. But Linux servers are much higher-value
targets than Windows boxes.

Am I paranoid? Certainly. But injection attacks like the above are
*easy*, though covering lots of corner cases is deeply tedious (which
depending on your purposes mightn't matter - if you fail, there'll be
another insufficiently paranoid holidaying sysadmin along in a mo.)