MORE SSH Hacking: heads-up

Aaron Gaudio prothonotar at tarnation.dyndns.org
Mon Aug 16 00:58:27 UTC 2004


Behold, James Wilkinson <james at westexe.demon.co.uk> hath decreed:
> On the possibility of "sniffing" a password sent through a SSH-encrypted
> tunnel:
> 
> There were a series of papers some time ago -- one of them is at
> http://www.cs.virginia.edu/cs588/projects/reports/team4.pdf -- which
> claimed that it was possible to guess which keys a user presses by
> measuring the time between keystrokes.
> 

I'm not privy to the intricacies of the ssh authentication protocol, but
why doesn't/can't the ssh client simply not send any of the password until
the user presses Enter, thereby defeating this attack against an initial
ssh authentication (presumably the ssh client knows when the server is
asking for a password)? As for other passwords, such as sent to sudo once
the connection is established, the connection is encrypted, so it seems
unlikely the attack would work. And if all else fails, the ssh client could
(maybe it already does) insert some artificial random delays into
transmissions coming from key entries.

-- 

prothonotar at tarnation.dyndns.org
"Every man is a mob, a chain gang of idiots." 
                           - Jonathan Nolan, /Memento Mori/
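
Added example, not part of the original message or of any ssh client's code: a small Python model of what an on-path observer could time under the three client behaviours the message describes (one packet per keystroke, nothing sent until Enter, and random added delay). The key times, function names and the 0.2 s jitter bound are constructed assumptions.

```python
import random

# Constructed sample (not measured data): seconds at which a user presses
# each key of a 6-character password, followed by Enter.
KEY_TIMES = [0.000, 0.142, 0.231, 0.498, 0.577, 0.803, 0.951]


def observable_packet_times(key_times, mode, seed=0, max_jitter=0.2):
    """Send times of the packets an on-path observer would see."""
    if mode == "per_key":          # one packet per keystroke
        return list(key_times)
    if mode == "line_buffered":    # nothing leaves the client until Enter
        return [key_times[-1]]
    if mode == "jitter":           # per-key packets, each delayed at random
        rng = random.Random(seed)
        sent, last = [], 0.0
        for t in key_times:
            # Delay by up to max_jitter, but never reorder packets.
            s = max(t + rng.uniform(0, max_jitter), last)
            sent.append(s)
            last = s
        return sent
    raise ValueError("unknown mode: %r" % mode)


def intervals(times):
    """Gaps between consecutive events; this is the signal being timed."""
    return [round(b - a, 6) for a, b in zip(times, times[1:])]


def max_interval_error(key_times, packet_times):
    """Largest gap between a typed interval and the observed one."""
    pairs = zip(zip(key_times, key_times[1:]),
                zip(packet_times, packet_times[1:]))
    return max(abs((p2 - p1) - (k2 - k1)) for (k1, k2), (p1, p2) in pairs)


if __name__ == "__main__":
    print("typed intervals :", intervals(KEY_TIMES))
    for mode in ("per_key", "line_buffered", "jitter"):
        pkts = observable_packet_times(KEY_TIMES, mode)
        print("%-15s :" % mode, intervals(pkts))
    # Each packet is delayed by at most max_jitter, so every observed
    # interval differs from the typed one by at most max_jitter.
    jit = observable_packet_times(KEY_TIMES, "jitter")
    print("max distortion  :", round(max_interval_error(KEY_TIMES, jit), 6))
```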
  