SSH sniffer attack poses minor risk
UK security researchers have discovered hard-to-exploit cryptographic weaknesses in the Secure Shell (SSH) remote administration protocol. The shortcoming creates a potential means to recover the plain text of encrypted sessions, depending on remote access configurations. Potential attacks - which would take ninja-like hacking …
This topic is closed for new posts.
Default is...
Anyone remember what the default is for OpenSSH (block or stream cipher type)?
Think of the children
Anything which poses risk to minors must be stopped.
Re: Default is ...
For openssh 3.9p1, 4.3p2 and 5.1p1 (the versions I have readily to hand) the default cipher would appear to be aes128-cbc. You can put a "Ciphers" stanza in you ~/.ssh/config to choose one of the stream ciphers -- see ssh_config(5). I've no idea what you do if you're using winders.
I expect there'll be a patch along shortly though.
Pedanticism "Corner"
"the Secure Shell (SSH) remote administration protocol"
hmmn. Remote shell protocol maybe, but it's used for a lot more than just admin work.
So....
The ninjas that can manage a man in the middle could possibly capture packets and decrypt them back to plain text. Which if they are lucky contains something nice to steal.
Sounds like a pretty limited flaw. I won't be going out of my way to fix it... I'll fix it by waiting for Debian to fix it for me ;-)
This topic is closed for new posts.
