[oclug] SSH1 Exploit?
David F. Skoll
dfs at roaringpenguin.com
Wed Feb 14 10:43:02 EST 2001
Billy Omer wrote:
> I hear from a local UNIX guru that there is a ssh1 exploit running wild
> in the forest.
Haven't heard of this. I have heard of an exploit to recover SSH server
keys, but it's rather difficult to do, as it requires on the order of
2^20 connections (that's one million) to the SSH server before the key
expires. It works out to about 400 connections/second for the default
expiry time of one hour.
OpenSSH 2.3.0 can limit the connection rate. OpenSSH 2.3.0 has its own
serious bug regarding parsing options in the authorized_keys file, but
I've been in contact with the developers and they're fixing it.
More information about the OCLUG