Re: Idea to secure ssh [was: howto block ssh brute-force]
On Mon, Mar 13, 2006 at 11:06:38PM -0500, Neal Murphy wrote:
The point is to obscure the ssh server from everyone, including those who are
authorized to access it remotely. The point is to reduce brute-forace attacks
to the point of nearly total ineffectiveness.
No more so than simply configuring ssh with decent passwords or public
key auth. These "brute force attacks" are succeeding with passwords like
"password" or "guest", not "asAc@casd!gskdjlAsd(". IMO, it's a lot more
sensible to spend a little time preventing obviously poor system
configuration than to erect complicated workarounds for same.
You seem to have this belief that someone contacting an ssh server is,
in itself, bad. That's silly. At any rate, you seem enamoured of your
scheme. Have fun with it, but don't expect it to take of.
Are you saying that anyone can generate a data packet that will correctly
decode with *my* public key?
It doesn't matter for an attack aimed at your decryption routine.
Assuming that there are, and will never be, any vulnerability in the
crypto itself you've done nothing more than reimplement ssh's public key
auth in a byzantine fashion.