Re: Patch: Ciphers, MACs and KexAlgorithms on Match


 



On Sun, 8 Jun 2014, Darren Tucker wrote:

> # Broken curve25519-sha256@xxxxxxxxxx
> Match Implementation OpenSSH-6.6
>   KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
> 
> Plus you could turn off DH Group exchange to those Cisco implementations
> that fail when asked for a preferred group >4k bit without compromising
> security for every other implementation.

That opens a door for a MITM to degrade the crypto options used by spoofing
one/both banner strings. Of course they would need to be able to fake the
KEX hash later, but if they get to choose the algorithms used then this
becomes more likely.

I've been removing the compat hacks for old SSH implementations that
cause dodgy crypto to be used for this very reason.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
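
A small model of the concern raised in this message, added here as an illustration and not part of the original e-mail or of OpenSSH's code: when the KEX proposal is keyed on the peer's banner, the algorithm is chosen from unauthenticated input, and the version strings are only checked afterwards through the exchange hash computed with that algorithm. The override pattern, the banners and all function names are constructed for the example.

```python
import fnmatch
import hashlib

# Constructed policy modelling the proposal: KexAlgorithms keyed on the peer banner.
DEFAULT_KEX = ["diffie-hellman-group-exchange-sha256", "diffie-hellman-group14-sha1"]
# Hypothetical override: no DH group exchange for peers announcing a Cisco banner.
BANNER_OVERRIDES = [("SSH-2.0-Cisco*", ["diffie-hellman-group14-sha1"])]

def kex_proposal(peer_banner):
    """KEX list this side offers, selected by the (cleartext) peer banner."""
    for pattern, algs in BANNER_OVERRIDES:
        if fnmatch.fnmatchcase(peer_banner, pattern):
            return algs
    return DEFAULT_KEX

def negotiate(client_algs, server_algs):
    """Simplified RFC 4253 rule: first client algorithm the server also lists."""
    for alg in client_algs:
        if alg in server_algs:
            return alg
    raise ValueError("no common KEX algorithm")

def banner_digest(v_c, v_s):
    """Stand-in for the V_C || V_S portion of the exchange hash H.
    The real H also covers both KEXINIT payloads, the host key and the secret."""
    h = hashlib.sha256()
    for s in (v_c, v_s):
        data = s.encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return h.hexdigest()

def simulate(banner_sent, banner_seen):
    """Client-side view when the server banner may have been altered in transit."""
    client_banner = "SSH-2.0-OpenSSH_6.6"  # constructed sample banner
    chosen = negotiate(kex_proposal(banner_seen), DEFAULT_KEX)
    # The mismatch only surfaces once H is verified, after 'chosen' has been used.
    tampered = banner_digest(client_banner, banner_seen) != banner_digest(client_banner, banner_sent)
    return chosen, tampered

if __name__ == "__main__":
    print(simulate("SSH-2.0-OpenSSH_6.6", "SSH-2.0-OpenSSH_6.6"))
    print(simulate("SSH-2.0-OpenSSH_6.6", "SSH-2.0-Cisco-1.25"))
```
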



