[unisog] step up in SSH scanning starting today?

Alexander Clouter alex-unisog at digriz.org.uk
Tue May 13 20:29:04 GMT 2008


Valdis.Kletnieks at vt.edu <Valdis.Kletnieks at vt.edu> [20080513 15:47:21 -0400]:
> On Tue, 13 May 2008 13:28:33 EDT, "Couples, Christopher" said:
> [snipped ssh brute forcing countermeasures] 
> The *best* solution, ....
...is just to use public key authentication.  In a world of USB tokens, 
midpssh[1] and 'ssh-add'/'ssh -A' there hardly is any excuse anymore.

Sorry to be brutal but tis all true :)  Make sure your users have *one* ssh 
key pair per device[2], the idea is to have many key pairs but only one per 
device for revocation reasons.  If one of the keys is compromised your 
passphrase only has to be good enough to last the time it would take you to 
revoke and replace the key; not to last the lifetime of the user account 
that is typically the case.

As for the brute forcing someones private key's as suggested by a previous 
poster, erm 1024 bit's ain't what I would recommend brute forcing :-/ Okay, 
with the Debian issue this probably is all of a sudden feasible however other 
than this the only references to private key brute forcers I can find are 
against the encrypted private keyfile the user carries around with them[3].

For those worried about, and that run into the common chicken-and-the-egg 
issue, how to get to a system when you might not have your new public key on 
that system, you turn to using One-Time-Passwords's (OTP's).  Every sysadmin 
is unfortunate enough to have to have a dog-lease (aka mobile phone) so you 
get your mobile phones to generate the OTP using jFreeSafe[4] and on the host 
side, pam-opie[5], you will have a nice sweet 64bit changing password to 
protect your account.  I have mirrored the destructions I wrote up for 
internal use at my workplace[6] for those interested.

Please please please, plain text passwords have outlived their lifespan, 
especially so for SSH.  Of course if you can turn to L3 IP based ACL's to add 
an extra layer that is all good too however for many this is not an 
option...plus IP based ACL's are evil.  Throttling is still good though!



[1] http://www.xk72.com/midpssh/
[2] whether that be workstation or usb token or floppy disk
[3] http://www.securiteam.com/tools/5EP0R1FCKK.html
[3] http://freesafe.sourceforge.net/ this is the only multi-host J2ME app I 
	can find so it's the only one I recommend
[4] http://tho.org/andy/pam-opie.html
[5] http://stuff.digriz.org.uk/ssh-fun.html#one-time-password_authentication

/ Praise the sea; on shore remain. \
|                                  |
\ -- John Florio                   /
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.sans.org/pipermail/unisog/attachments/20080513/f8f36cfd/attachment.bin 

More information about the unisog mailing list