[12962] in bugtraq
Re: sshd1 allows unencrypted sessions regardless of server policy
daemon@ATHENA.MIT.EDU (Pavel Machek)
Tue Dec 14 22:30:14 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19991214220021.C153@bug.ucw.cz>
Date: Tue, 14 Dec 1999 22:00:21 +0100
Reply-To: Pavel Machek <pavel@SUSE.CZ>
From: Pavel Machek <pavel@SUSE.CZ>
X-To: Markus Friedl <Markus.Friedl@INFORMATIK.UNI-ERLANGEN.DE>,
BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19991214164332.A3513@faui01.informatik.uni-erlangen.de>; from
Markus Friedl on Tue, Dec 14, 1999 at 04:43:32PM +0100
Hi!
> Because passphrase-less hostkeys are 'encrypted' with cipher "none"
> the code for this cipher is always compiled into the programs. This
> way the client is free to choose "none" and no server will complain.
And what? Malicious ssh client can make non-encrypted connection. But
malicious ssh client can also send carbon-copy of all communication to
www.cia.org:5000! There's no way to protect from malicious ssh
clients...
> The current version OpenSSH-1.2.1 is not vulnerable. The obvious
...and I don't see why this is called vulnerability.
Pavel
--
I'm pavel@ucw.cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents me at discuss@linmodems.org
