Re: [9fans] SSH Version2

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: Eric Grosse <ehg@research.bell-labs.com>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] SSH Version2
Date: Mon,  7 Oct 2002 14:09:25 -0400	[thread overview]
Message-ID: <2a5251c5f0d6ff7d90c428a4dfa29c5e@plan9.bell-labs.com> (raw)

> yikes, does that mean Plan9 is subject to the ssh1 problems other systems are
> warned not to pursue (via switching to ssh2)?

We're not vulnerable to the integer overflow leading to root compromise, because
our implementation is independent and we happen not to have the same bugs.

But yes, we're vulnerable to the CRC/CBC attacks inherent in the protocol;  see
  http://www.kb.cert.org/vuls/id/13877
for details.  Unlike the integer overflow and man-in-the-middle attacks, this
one is not straightforward to launch.    Patches to other ssh implementations
have often introduced worse holes than the original problem, so we're inclined to
just switch to ssh2.  As further motivation, we mainly use ssh to call from Plan 9
to Unix systems and those will increasingly allow only ssh2.  But nobody here has
had time to do the work yet.

Any volunteers from outside?  We'd happily take back improved code and replace
what's in the distribution.

Also, if anyone following this more closely knows for a fact that tools for script
kiddies can routinely hijack existing sessions or break in to the idle server
under our implementation, please send mail and we'll rearrange our priorities.

Eric

next             reply	other threads:[~2002-10-07 18:09 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-10-07 18:09 Eric Grosse [this message]
2002-10-08  2:11 ` William K. Josephson
  -- strict thread matches above, loose matches on Subject: below --
2002-10-08  5:25 Russ Cox
2002-10-08  6:16 ` Andrew
2002-10-07 16:31 Russ Cox
2002-10-07 16:21 Russ Cox
2002-10-07 16:57 ` Andrew
2002-10-08  2:16   ` William K. Josephson
2002-10-08  4:14     ` Andrew
2002-10-08  4:25       ` William Josephson
2002-10-04 23:44 Russ Cox
2002-10-07 10:42 ` Jeff Sickel
2002-10-07 12:51   ` Markus Friedl
2002-10-07 16:02     ` Andrew
2002-10-07 17:00       ` Markus Friedl
2002-10-04 23:43 Adrian

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2a5251c5f0d6ff7d90c428a4dfa29c5e@plan9.bell-labs.com \
    --to=ehg@research.bell-labs.com \
    --cc=9fans@cse.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).