Re: Idea to secure ssh [was: howto block ssh brute-force]
On Mon, Mar 13, 2006 at 03:03:24PM -0500, Neal Murphy wrote:
> The idea is to present information to the server that only the server can
> decrypt, and that, in theory, only the authorized user could have generated.
Much like an authentication system. What's the point of all this over
just authenticating via ssh? Sounds like a ridiculously complicated and
error-prone method to reduce log entries. And realistically you'd want
to log attempts to brute force this mechanism, right?
> Yes, allowing UDP packets in is, in a sense, an open port, but it's a one-way
> port. UDP packets have a fixed maximum size and the information carried in
> the packet is trivial in nature; UDP packets are generally benign. It's a
> given that anyone who knows the server's public key can generate an encrypted
> packet, but only an authorized user can correctly generate the encrypted
> parts inside the encrypted packet.
No, anyone can generate encrypted parts. IMHO, there's not much chance
that the decryption routines in your magic udp parser are going to be
less vulnerable than those in openssh itself. Having "two layers of
encryption" in this context is fairly pointless.
Why not use three layers, or four? What analysis demonstrates a
demonstrable return for that second layer, weighed against the cost of
this kooky mechanism? If you really need multiple encryption layers, do
it right and use an existing standard like ipsec rather than inventing a
convoluted "secret method".
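As an added illustration (not part of this thread, and not code from either participant) of the point made above: encrypting a packet to the server's public key proves nothing about who sent it, so the only thing that can bind a UDP "open sesame" packet to an authorized user is a per-user secret used to authenticate it, and every rejected packet still needs to be logged so guessing attempts remain visible. The sketch below models that with a per-user HMAC plus a freshness window and a replay set; the user names, keys, packet layout and the 30-second window are all constructed assumptions, and the public-key encryption layer is left out entirely because it contributes nothing to the authentication question.

```python
import hashlib
import hmac
import os
import struct

# Constructed per-user secrets (hypothetical values, not from the thread). In a real
# deployment each key is provisioned out of band and never travels on the wire.
USER_KEYS = {
    b"alice": bytes.fromhex("a1" * 32),
    b"bob": bytes.fromhex("b2" * 32),
}
# Used for unknown users so the MAC check costs the same time either way and
# does not reveal which user names exist.
DUMMY_KEY = bytes(32)

TAG_LEN = 32         # HMAC-SHA256 output length
NONCE_LEN = 16
TS_LEN = 8
WINDOW_SECONDS = 30  # tolerated clock skew between client and server (assumed)


def build_packet(user, key, now, nonce=None):
    """Client side. Layout: len(user) | user | timestamp | nonce | tag.
    The tag is HMAC-SHA256 over everything before it, so only a holder of
    `key` can produce a packet the server will accept."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    body = bytes([len(user)]) + user + struct.pack(">Q", now) + nonce
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


def verify_packet(packet, now, seen_nonces, log):
    """Server side. Returns True only for a fresh, correctly authenticated packet
    from a known user. Every rejection is appended to `log` with a reason, so
    guessing attempts against this port are as visible as failed ssh logins."""
    if len(packet) < 1 + TS_LEN + NONCE_LEN + TAG_LEN:
        log.append("reject: packet too short")
        return False
    ulen = packet[0]
    if len(packet) != 1 + ulen + TS_LEN + NONCE_LEN + TAG_LEN:
        log.append("reject: length does not match user field")
        return False
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    user = body[1:1 + ulen]
    ts = struct.unpack(">Q", body[1 + ulen:1 + ulen + TS_LEN])[0]
    nonce = body[1 + ulen + TS_LEN:]
    key = USER_KEYS.get(user, DUMMY_KEY)
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time compare, always executed, and checked before anything else so a
    # forger learns nothing from which later check would have failed.
    tag_ok = hmac.compare_digest(expected, tag)
    if user not in USER_KEYS or not tag_ok:
        log.append("reject: bad tag for user %r" % user)
        return False
    if abs(now - ts) > WINDOW_SECONDS:
        log.append("reject: stale timestamp for user %r" % user)
        return False
    if nonce in seen_nonces:
        log.append("reject: replayed nonce for user %r" % user)
        return False
    seen_nonces.add(nonce)
    log.append("accept: user %r" % user)
    return True


def demo():
    """Run a few constructed scenarios and return the server log."""
    seen, log = set(), []
    now = 1_000_000
    good = build_packet(b"alice", USER_KEYS[b"alice"], now)
    verify_packet(good, now, seen, log)                        # accepted
    verify_packet(good, now + 1, seen, log)                    # replay, rejected
    forged = build_packet(b"alice", b"\x00" * 32, now)         # guessed key
    verify_packet(forged, now, seen, log)                      # rejected
    old = build_packet(b"bob", USER_KEYS[b"bob"], now - 600)   # stale clock
    verify_packet(old, now, seen, log)                         # rejected
    return log


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The thing to notice is that nothing in the accepted path depends on the packet being encrypted; the property the thread wants ("only the authorized user could have generated it") comes from the key in `USER_KEYS`, and the log lines are what a fail2ban-style watcher would consume, which is the same logging burden the reply points out you would have with plain ssh.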