
DSA-1571 and GSSAPI



Hi all!

I was wondering how bad this actually is and it looks extremely horrible. In 
practice, all data transmitted over the wire for the last two years can be 
snooped upon (if someone has captured it - and the paranoid must assume 
someone has).

Trusting in the security of ssh, we have, for example, used ssh to transmit 
data from server to server, including such sensitive information as Heimdal 
database master key... Am I correct in assuming this key has been 
compromised? And along with it all the Heimdal passwords... 

However, ever since we started using Heimdal, we have used GSSAPI 
authentication by default, which, to my understanding, does not rely on SSH 
host or user keys, but bases all its crypto on Kerberos. Does this mean data 
transmitted over GSSAPI-authenticated links is still secure? (Not that it 
matters much - there is no way of making sure the default (GSSAPI) was 
*always* used when transmitting sensitive data.)

By the way, if (since?) all the data ever transmitted over any ssh link 
secured by a weak key is compromised, it means that every single GPG 
passphrase (or any other password) ever transmitted over any of these links 
is also compromised. Just count how many times you've used GPG over one of 
the weak links...

Cheers (looks like a cheerful weekend to come indeed)...
Juha

