[plug] OpenSSH and security holes
Leon Brooks
leonb at bounce.networx.net.au
Sat Dec 11 22:09:37 WST 1999
Christian wrote:
>> SSH Version OpenSSH-1.2, protocol version 1.5.
>> Compiled with SSL.
>> So I guess it's fine. (-:
> Well, I wouldn't assume that. I haven't used OpenSSH yet so I don't know
> whether it behaves the same way to normal SSH. I also don't know what the
> Linux porting team has done with regards to the duality of OpenBSD's SSL
> libraries. If they've used the US version which uses RSAREF then your
> OpenSSH will be vulnerable. I gave the "-V" switch as a way for people
> with standard SSH to check if they were vulnerable. For example:
> hobbes:~$ ssh -V
> SSH Version 1.2.26 [i586-unknown-linux], protocol version 1.5.
> Standard version. Does not use RSAREF.
OpenSSH was split from standard SSH at the last free version, then all
patent-encumbered stuff stripped out. This would naturally include RSA.
It uses OpenSSL, not the BSD libraries, for SSL.
> As for the other bug, I believe that involves connecting to an OpenSSH
> server with a SecureCRT client and it has been fixed in a recent OpenBSD
> patch. I don't know whether this patch has been integrated into Linux
> OpenSSH yet...
AFAIK, it happens semi-automagically, as in, the Linux port is kept as a
set of context diffs.
More information about the plug
mailing list