SSH/debian Compromise - now that’s a bug

I was browsing the web, and came across some interesting details about the SSH compromise back in the first part of 2008.  I had heard about a vulnerability, but assumed it was something obscure - the kind of bug that requires tricky math and is hard to implement.

It turns out it was easily exploitable.  According to the site below, someone commented out a couple of lines of code in openssh that were causing valgrind to complain.  Unfortunately, those lines of code were capturing entropy.  After that edit, the only randomness in generating keys was the process ID and the distro/architecture.  Since there are 32,768 PIDs, there were 32,768 possible keys (and likely far fewer).  So, if you created 32,768 SSH keys, you could gain access to any Debian-based system whose keys were generated in 2007 or 2008.

http://www.metasploit.com/users/hdm/tools/debian-openssl/

Yeah, that’s a bug.  Any SSH keys from that time are suspect.  Anything transmitted or encrypted with those keys is suspect.  So is any server that relied upon them for security in lieu of passwords.  The list goes on…  The keys may have been fixed since then, but the effects could linger.  Even if nobody knew about it at the time, data is forever.  People could crack old snapshots of encrypted files years after the vulnerability is patched.
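To make the "32,768 possible keys" point concrete, here is a toy model I added (it is not code from the original post, nor from Debian or OpenSSL): a hypothetical generator whose only entropy is the PID and platform, the blacklist a defender can precompute by walking that whole keyspace, and a check of the kind the distribution shipped to refuse affected keys. `toy_keygen`, `toy_keygen_fixed` and the hashed "key" are stand-ins for real RSA generation.

```python
import hashlib
from typing import Set

# Author's figure: the classic 15-bit Linux PID range, so at most 32,768 seeds.
PID_MAX = 32768


def toy_keygen(pid: int, arch: str) -> bytes:
    """Hypothetical broken generator: the seed is just PID + platform string.
    A stand-in for the real thing, used only to show the keyspace is enumerable."""
    seed = f"{arch}:{pid}".encode()
    return hashlib.sha256(seed).digest()


def toy_keygen_fixed(pid: int, arch: str, entropy: bytes) -> bytes:
    """Same generator with the entropy lines 'put back': real randomness is mixed in,
    so the key no longer depends on the PID alone."""
    seed = entropy + f"{arch}:{pid}".encode()
    return hashlib.sha256(seed).digest()


def fingerprint(key: bytes) -> str:
    """Short, stable identifier for a key, the way a key fingerprint is used."""
    return hashlib.sha256(key).hexdigest()[:32]


def build_blacklist(arch: str) -> Set[str]:
    """Defender's precomputation: every key the broken generator can emit
    for one platform, indexed by fingerprint. 32,768 entries, nothing more."""
    return {fingerprint(toy_keygen(pid, arch)) for pid in range(1, PID_MAX + 1)}


def is_weak(key: bytes, blacklist: Set[str]) -> bool:
    """Reject a key if it is one of the enumerable weak keys."""
    return fingerprint(key) in blacklist


if __name__ == "__main__":
    bl = build_blacklist("i386")
    print(len(bl), "weak keys enumerated")
    print("pid-only key weak?", is_weak(toy_keygen(4242, "i386"), bl))
    print("properly seeded key weak?",
          is_weak(toy_keygen_fixed(4242, "i386", bytes(range(32))), bl))
```

The same check is what a blacklist-aware sshd or key scanner does: the cost of building the list once is tiny, which is exactly why the bug was so bad.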

I think this makes an argument for multiple layers of security, where possible.
