Re: Patching a SSH 'Weakness'

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Stuart Henderson <stu@...>

To: <misc@...>

Subject: Re: Patching a SSH 'Weakness'

Date: Friday, September 12, 2008 - 9:53 am

On 2008-09-12, ge7r85o02@sneakemail.com wrote:

quoted text

> To all who opposed the suggestion to send one block of data
> when the key is pressed: my suggestion strictly referred
> to the login procedure, not to the later data communication. I did
> not mention this because I thought it was clear from the context
> of the original poster who
> has expressively mentioned "passwords". You may want to reconsider the suggestion in this light.

The initial password is sent as a block (of course that simple case
was taken care of). The problem OP mentions relates to passwords typed
within the session e.g. su, sudo, ssh to another host, ...

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Patching a SSH 'Weakness', Stuart Henderson, (Fri Sep 12, 9:53 am)

Re: Patching a SSH 'Weakness', Toni Spets, (Fri Sep 12, 12:41 pm)

Re: Patching a SSH 'Weakness', Hannah Schroeter, (Tue Sep 16, 9:24 am)

Re: Patching a SSH 'Weakness', David Higgs, (Fri Sep 12, 2:17 pm)

Re: Patching a SSH 'Weakness', Jonathan Schleifer, (Fri Sep 12, 2:37 pm)

Navigation

Popular discussions


linux-kernel:
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Hiten Pandya	Re: up? (emacs docbook xml ide)
Andy Whitcroft	clam
Kamalesh Babulal	Re: 2.6.23-rc6-mm1
git:

linux-netdev:

Stephen Hemminger	Re: iptables very slow after commit 784544739a25c30637397ace5489eeb6e15d7d49
David Miller	[GIT]: Networking
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
openbsd-misc:

Colocation donated by:

Online users

Syndicate