Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl

To: debian-ssh@lists.debian.org
Subject: Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
From: "Bernhard R. Link" <brlink@debian.org>
Date: Wed, 16 Jul 2008 10:59:37 +0200
Message-id: <[🔎] 20080716085936.GA9319@pcpool00.mathematik.uni-freiburg.de>
Mail-followup-to: debian-ssh@lists.debian.org
In-reply-to: <[🔎] 200807151300.53322.mvoorhie@yahoo.com>
References: <[🔎] 20080714225957.30452.98290.reportbug@tytus.smp.if.uj.edu.pl> <[🔎] 20080715080622.GX20593@ngolde.de> <[🔎] 20080715091152.GA3919@pcpool00.mathematik.uni-freiburg.de> <[🔎] 200807151300.53322.mvoorhie@yahoo.com>

* Mark Voorhies <mvoorhie@yahoo.com> [080715 22:24]:
> On Tuesday 15 July 2008 02:11:52 Bernhard R. Link wrote:
> > I want to contradict here. The public key contains all the information
> > needed to login, just garbled enough to make it extremly hard to use
> > this information. So it is a somewhat similar equivalence class like
> > the hashed password in /etc/shadow: If it is possible to keep it
> > secret, do so.
>
> /etc/shadow contains (salted) hashes of plaintext passwords.  This means that
> access to /etc/shadow allows an off-line dictionary attack, taking advantage
> of the limited keyspace of plaintext passwords.

Even with measures to forbid dictonary words in passwords, I still do
not want to have /etc/shadow known. It transfers something that is
something like a "shared secret" authentication into a "you do not have
enough computing power or knowledge to find an efficient algorithm"
authentication.
If someone tried to login all the time (by password or by key) that
would produce logs and thus the person risks to be catched.
Calculating the inverse of some hash algorithm or the private key
belonging to a public one may have no practical chance yet to succeed
in the key-case (unless you are some organisation or agency with really
much computing power, or you are some genius in computational number
theory), but you also do not risk to be caught at all (unless you use
other people's computing power).

> In contrast, recovering a
> private key from a public key requires a search of the much larger space of
> possible private keys.

I did not claim it is exactly the same. But both make it an
offline-attack and mean open access if the algorithm is found weaker
than thought. The only difference is the space of possible keys, but
that is only a quantitative difference making it sane to allow people to login
if the public key is publically known.
But it's not a qualitative difference making it sane to publish a
secret needed to login without need.

(Again I consider auth.log no such a publishing, but I want to
contradict the "publishing is no problem" argument).

Hochachtungsvoll,
	Bernhard R. Link
-- 
"Never contain programs so few bugs, as when no debugging tools are available!"
	Niklaus Wirth

Reply to:

References:
- Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
  - From: Witold Baryluk <baryluk@smp.if.uj.edu.pl>
- Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
  - From: Nico Golde <nion@debian.org>
- Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
  - From: "Bernhard R. Link" <brlink@debian.org>
- Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
  - From: Mark Voorhies <mvoorhie@yahoo.com>

Prev by Date: Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
Next by Date: Bug#491324: ssh depends on too many packages (x11, ...)
Previous by thread: Re: Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
Next by thread: Bug#491324: ssh depends on too many packages (x11, ...)
Index(es):
- Date
- Thread