On Wed, May 02, 2001 at 09:08:19PM +0200, Matteo S. wrote: > Hello! I have a doubt. The current SSH1 in Debian 2.2 potato is secure? > > I have read that ssh2 implementation of openssh is better secure and the ssh1 > is not secure. Is right?
ssh1 as a protocol is less secure then ssh2, but saying that ssh1 is insecure in general is FUD, spread alot by SSH Inc. who would like you to pay them $$ for thier non-free product. debian has backported security fixes for all the holes found in ssh1 daemons. the only thing they have not backported a fix for is the ssh traffic analysis. however this `vulnerability' is nearly impossible to exploit sucessfully, and even when done still gets the attacker very little. the way it works basically is watching encrypted packets go back and forth between two ssh connected machines, when the user runs su or some other password prompting utility the attacker can notice more packets going in one direction but not getting the same number echoed back. this is because su does not echo each character as its typed like a shell. in thoery the attacker may be able to guess approxamatly how many characters a password has. there is NOT a vulnerability allowing the attacker to decrypt or sniff the connection. ssh2 eliminates this by sending bogus noop packets back and forth that both sides simply ignore and throw away. this makes it impossible for someone watching the encrypted packets go by to make any guesses about what is happening in the session. IMO this is not something to lose sleep over. the other thing you may have heard about is the so called man in the middle attack. this is not a bug or flaw in ssh rather a flaw in the user. the only way a man in the middle attack can suceed with ssh is if the user either ignores ssh's screaming warning of mismatched host keys, or does not take any steps to verify that a new host key they accept from a new machine really belongs to that machine. -- Ethan Benson http://www.alaska.net/~erbenson/
pgp9nkvR1Unuo.pgp
Description: PGP signature
