[5225] in testers
Re: sshd uses wrong replay cache for version 1
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Jun 11 22:34:50 2002
To: John Hawkinson <jhawk@mit.edu>
Cc: testers@mit.edu
From: Sam Hartman <hartmans@MIT.EDU>
Date: Tue, 11 Jun 2002 22:34:38 -0400
In-Reply-To: <20020611220311.GB21753@multics.mit.edu> (John Hawkinson's message of "Tue, 11 Jun 2002 18:03:11 -0400")
Message-ID: <87adq1tebl.fsf@luminous.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

>>>>> "John" == John Hawkinson <jhawk@MIT.EDU> writes:
John> Sam Hartman <hartmans@MIT.EDU> wrote on Tue, 11 Jun 2002 at
John> 13:19:50 -0400 in
John> <20020611171950.814D4151FEF@industrial-algebra.mit.edu>:
>> At first I thought this could be exploited on systems with
>> unencrypted rlogin enabled in order to gain rlogin access by
>> sniffing the authenticators sent over the ssh session.
>> However, it turns out that since the Kerberos exchange is
>> encrypted within the ssh session for version 1, I cannot think
>> of a way to exploit this.
John> Isn't the Kerberos exchange only encrypted for one of
John> {openssh | ssh.com}?
You're thinking of krb5_cred. The credentials should be
double-encrypted once in the ssh session layer and once at the
Kerberos layer. With ssh.com they are only encrypted at the ssh
session layer.