Copyright May 2005 Tony Lawrence
An MIT researcher thinks there is a big problem in ssh: https://www.techworld.com/security/news/index.cfm?NewsID=3668
I don't see it. This whole concept starts with a compromised machine. Duh: when a machine is compromised, all sorts of information about other machines it knows about is exposed. Getting the public keys from known_hosts isn't particularly useful in itself; public keys are, after all, *public* keys. Much more dangerous is the exposure of the private key counterparts. Combine the two, and yes, you may have an easy path to another machine.
I get the sense that what they are really talking about here is the danger from distributed credentials, a subject we've touched on here more than once: making it easy for the pointy eared boss and the other technically inept folk always affects security, and ssh is no different in that regard.
Maybe I'm missing something, but to my mind, a compromised box presents risk to other machines for a lot of reasons, and ssh is just one, and even that isn't necessarily an issue if you don't have other machines accepting public key authentication.
© 2009-11-07 Tony Lawrence