IETF Logo Mail Archive

Re: [Curdle] [saag] Time for SSH3?

Orie Steele <orie@transmute.industries> Thu, 21 December 2023 13:58 UTC

Return-Path: <orie@transmute.industries>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94E7BC14F60C for <curdle@ietfa.amsl.com>; Thu, 21 Dec 2023 05:58:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.085
X-Spam-Level:
X-Spam-Status: No, score=-1.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DOTGOV_IMAGE=1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DSROtMIgF_22 for <curdle@ietfa.amsl.com>; Thu, 21 Dec 2023 05:58:16 -0800 (PST)
Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com [IPv6:2607:f8b0:4864:20::102a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77F4CC14CF0D for <curdle@ietf.org>; Thu, 21 Dec 2023 05:58:16 -0800 (PST)
Received: by mail-pj1-x102a.google.com with SMTP id 98e67ed59e1d1-28bc870c540so646649a91.2 for <curdle@ietf.org>; Thu, 21 Dec 2023 05:58:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1703167096; x=1703771896; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ndlFIoELM5F+LzVwWJf+GCxqJX0kwvCihMJelGWcVxw=; b=DHEdvPJQoP20xx/FIjymLeMCrcrsQCNsLN0oanQkI6YTGAniU6PzI0I09gXikMBPwK g2v9nhyxJsE5f9danejNkX7kYAk/DgoC7xgk+bTVjCL+Y2t0hwD/nYOummUPfq8PvTNS whlEbDubihMMZrB6TVOjM+SdprmSyd70mVqhj8hqA2kJInrxqv94SPsAlafYPQCzgixA De5smbv/mOXw9koB5vlAd/oubA/8/RWA70BGa33D6Q4wLCVCCAtC5BvX278vNrBI3SNE oFb2bqxRX0ReLz7Z57wDj2Q0IZFLL4KBKWuv3v1vNcheFLJIoX7PHXOj1wc9H8PUuNCG Zmtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1703167096; x=1703771896; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ndlFIoELM5F+LzVwWJf+GCxqJX0kwvCihMJelGWcVxw=; b=qM+6vI8lVjqofRpJD5wc1N3UkWNhJDcNQgFf0JzdS5fyTFQ2brtyUetc78478CHmDi fFpWveQAXLCrXCACrYMy5v9OVKSheHxO7zyyR9JAqo03qM2ScW6+jmjEvBEP0lHfteFJ dDAh3pMEH2adY6tf1CNE8whP0WXRtWV22j8+kQk79xovhktQ+pwv0hAweYNaI9z4v3/Y 5A/wBk1vwWVzLUCalJeCEJTd23PZLT2QM0NDgz+6aIJhoxcO/OIt3vrtx7UbJ6iOYAlZ 0ilSxQH505we25D9B+MDaZFTZLS9LPwAai3aKRcGdHdpRbhVlqsqrO5dQN9W74zzndPC MYYw==
X-Gm-Message-State: AOJu0Yycx57Z7XbrvZoin6vTUuqxsIdvImFsCYOMXLvLIv3ia/Vhrpu3 d5aLvsSxfGO4fM1ommdcHzFCH7lTzbPwQcc+dM3oAQ==
X-Google-Smtp-Source: AGHT+IHREH+VnBFEwO/h6lV7BtOjfBLuaLsKoarJyYB4ocvZG0QEmu/KGQUYorW69u65dxuaW0Ep9i+EiiO2QUZbf90=
X-Received: by 2002:a17:90b:46c7:b0:28b:ff08:9ae7 with SMTP id jx7-20020a17090b46c700b0028bff089ae7mr229000pjb.39.1703167095665; Thu, 21 Dec 2023 05:58:15 -0800 (PST)
MIME-Version: 1.0
References: <GVXPR07MB96789816DE49A02D46AC25628996A@GVXPR07MB9678.eurprd07.prod.outlook.com> <SY4PR01MB6251678A7FD714B5CDC26A8FEE96A@SY4PR01MB6251.ausprd01.prod.outlook.com> <42ca27dada0f3c27d813d0d37446d078@ucc.asn.au> <SY4PR01MB62512EB23E7E0D79A47F4F0BEE95A@SY4PR01MB6251.ausprd01.prod.outlook.com> <20231221054354.GB125701@mit.edu>
In-Reply-To: <20231221054354.GB125701@mit.edu>
From: Orie Steele <orie@transmute.industries>
Date: Thu, 21 Dec 2023 07:58:04 -0600
Message-ID: <CAN8C-_JdmsHX6evyp+c_nq3ynDngbnjBM5EiuQ7Rqj7yN_AacQ@mail.gmail.com>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Matt Johnston <matt@ucc.asn.au>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, saag <saag@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bb0e3c060d057dad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/J7cewOgEXhKXYxz9jpdxQ8jWlKA>
Subject: Re: [Curdle] [saag] Time for SSH3?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Dec 2023 13:58:20 -0000

Seems like possibly a good time to mention VEX, since it's a relatively new
concept in software supply chain security.

- https://www.ntia.gov/files/ntia/publications/vex_one-page_summary.pdf
- https://github.com/openvex

The longer a component has survived production deployment, the more the set
of vex badges will look like Fruit Salad (slang for display of military
medals and ribbons on dress uniforms).

To Watson's comment earlier, having lots of badges is not always a good
thing, but having them and not proudly displaying them is probably worse.

OS



On Wed, Dec 20, 2023 at 11:44 PM Theodore Ts'o <tytso@mit.edu> wrote:

> On Thu, Dec 21, 2023 at 03:08:06AM +0000, Peter Gutmann wrote:
> >
> > Ah, good point....  it'd help first to get an idea
> > of what the practical impact of this attack is.  I mean, apart from egg
> on the
> > face what could an attacker actually do that's going to cause a real
> security
> > problem?
>
>    "The attack can be performed in practice, allowing an attacker to
>     downgrade the connection's security by truncating the extension
>     negotiation message (RFC8308) from the transcript. The truncation
>     can lead to using less secure client authentication algorithms and
>     deactivating specific countermeasures against keystroke timing
>     attacks in OpenSSH 9.5.
>
>     We also showed that Terrapin can be used to enable the
>     exploitation of implementation flaws. For example, we found
>     several weaknesses in the AsyncSSH servers' state machine,
>     allowing an attacker to sign a victim's client into another
>     account without the victim noticing. Hence, it will enable strong
>     phishing attacks and may grant the attacker Man-in-the-Middle
>     (MitM) capabilities within the encrypted session."
>
>     - https://terrapin-attack.com/
>
> So for an OpenSSH client/server pair, it's not _that_ terrible.  The
> keystroke timing attacks was something that only landed very recently
> (October 2023), and people have lived without it for quite some time.
>
> For people using AsyncSSH servers, the vulnerability seems to be a bit
> more unfortunate.  The fix has already been pushed out to the
> AsyncSSH, but the question is how quickly will people run "pip
> install --upgrade".
>
> > So perhaps before everyone rushes out work on their code with
> > a pair of pliers (and optionally a blowtorch),
>
> At least for people using OpenSSH it's just a set of pilers being
> applied to the ssh and sshd config file[1].   :-)
>
> [1] https://www.ssh-audit.com/hardening_guides.html
>
> So if you don't like the OpenSSH "innovations", it's not that hard to
> disable them.  :-)
>
>                                                 - Ted
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>

v2.29.0 | Report a Bug | By Email | System Status