[10785] in bugtraq
Re: ssh advisory
daemon@ATHENA.MIT.EDU (cseg@WIRETECH.COM.BR)
Thu Jun 10 14:44:21 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9906091618380.639-100000@sorrow.wiretech.com.br>
Date: Wed, 9 Jun 1999 16:19:56 -0300
Reply-To: cseg@WIRETECH.COM.BR
From: cseg@WIRETECH.COM.BR
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19990609155154.A22258@ip6seguridad.com>

On Wed, 9 Jun 1999 altellez@IP6SEGURIDAD.COM wrote:
> Details
>
> When an ssh client connects to the daemon, it has a number (default
> three) of attempts to guess the correct password before
> disconnecting if you try to connect with a correct login, but
> you only have one if you try to connect with an incorrect login.
>
> EXAMPLE
>
> alfonso is not a user (login) on 192.168.0.1
>
>
> $ssh 192.168.0.1 -l alfonso
> alfonso's password: <hit ENTER key>
>
> Disconnected; authentication error (Authentication method disabled.).
> $
>
> altellez is a user (login) on 192.168.0.1
>
> $ssh 192.168.0.1 -l altellez
> altellez's password: <hit ENTER key>
> altellez's password:
>
> Now the remote attacker knows that altellez is a true login on
> 192.168.0.1
>
> QUICK FIX
>
> Edit the file sshd2_config (usually at /etc/ssh2), set the value
> of "PasswordGuesses" to 1.
>
> I have only tested it with ssh-2.0.12

I just tried that error with ssh-2.0.13. It was more strange..
--- [ nonexistent user `unknown' ]
local:~> ssh -lunknown 192.168.0.1
Disconnected; authentication error (No further authentication methods available.).
local:~>
--- [ existing user `me' ]
local:~> ssh -lme 192.168.0.1
me's password: [<ENTER>]
Disconnected; authentication error (Authentication method disabled.).
local:~>
--
Delete yourself, you got no chance to win.
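
Added example (not part of either post, and not code from ssh): a differential check a server operator could run over sessions captured against their own sshd, using one known-valid and one known-nonexistent test account, to confirm whether the two cases are distinguishable. The transcripts are transcribed from the two posts above with the ENTER annotations removed; the function names are hypothetical.

```python
import re

# Client-side transcripts transcribed from the posts above.
T_2012_INVALID = """alfonso's password:
Disconnected; authentication error (Authentication method disabled.).
"""
# The 2.0.12 transcript for the valid login ends at the second prompt,
# so no disconnect reason was captured for it.
T_2012_VALID = """altellez's password:
altellez's password:
"""
T_2013_INVALID = """Disconnected; authentication error (No further authentication methods available.).
"""
T_2013_VALID = """me's password:
Disconnected; authentication error (Authentication method disabled.).
"""

PROMPT = re.compile(r"^\S+'s password:", re.M)
REASON = re.compile(r"^Disconnected; authentication error \((.*)\)\.$", re.M)


def fingerprint(transcript):
    """Reduce a session to features that do not depend on the login name."""
    reason = REASON.search(transcript)
    return len(PROMPT.findall(transcript)), reason.group(1) if reason else None


def leaks_account_existence(valid_transcript, invalid_transcript):
    """Return the observable differences; an empty list means no oracle."""
    v_prompts, v_reason = fingerprint(valid_transcript)
    i_prompts, i_reason = fingerprint(invalid_transcript)
    diffs = []
    if v_prompts != i_prompts:
        diffs.append(f"password prompts: {v_prompts} vs {i_prompts}")
    # Compare reasons only when both sessions ran to a disconnect.
    if v_reason and i_reason and v_reason != i_reason:
        diffs.append(f"disconnect reason: {v_reason!r} vs {i_reason!r}")
    return diffs


if __name__ == "__main__":
    for version, valid, invalid in [("ssh-2.0.12", T_2012_VALID, T_2012_INVALID),
                                    ("ssh-2.0.13", T_2013_VALID, T_2013_INVALID)]:
        print(version, leaks_account_existence(valid, invalid) or "indistinguishable")
```

After changing PasswordGuesses, capture both sessions again and check that the function returns an empty list.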