Re: SSH

To: debian-security@lists.debian.org
Subject: Re: SSH
From: Hubert Chan <hubert@uhoreg.ca>
Date: Thu, 19 Dec 2002 14:15:37 -0500
Message-id: <87u1h96crq.fsf@labatt.uhoreg.ca>
In-reply-to: <20021219175236.GJ20606@vnl.com> (Dale Amon's message of "Thu, 19 Dec 2002 17:52:37 +0000")
References: <20021216225215.GA5610@zionlth.org> <Pine.LNX.4.33.0212171016230.13631-100000@router.windsormachine.com> <20021219175236.GJ20606@vnl.com>

>>>>> "Dale" == Dale Amon <amon@vnl.com> writes:

Dale> Did the mainstream ssh ever address the hidden Markov chain attack
Dale> on the password based on interpacket timings of the login?

IIRC, it is an issue with the SSH1 *protocol* (i.e. all implementations
will have the problem), that is not present in SSH2.

-- 
Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.

Attachment: pgpAnTNJunYct.pgp
Description: PGP signature

Reply to:

References:
- SSH
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: SSH
  - From: Mike Dresser <mdresser_l@windsormachine.com>
- Re: SSH
  - From: Dale Amon <amon@vnl.com>

Prev by Date: Re: syslog-ng[164]: STATS: dropped 0
Next by Date: Re: FTP-SSL
Previous by thread: Re: SSH
Next by thread: Bug #173254 Submitted: Snort In Stable "Unusable"
Index(es):
- Date
- Thread