[ILUG-BOM] Security hole in OpenSSH

3 May 2003


      I dont know if to call this a security hole or not. Basically if you are
using OpenSSH which autheticates using PAM its open to a timing attack by
which you can see if a user is a vaild user on a box or not. It works like
this
ssh [valid.user]@hostname
password: <enter gibbrish>
[2 second delay]
wrong password, enter password:
basically if u are a valid user on the system there is a 2 second delay
before you are prompted again to enter the password when u type a wrong
password and if the user you are trying is not a vaild user there is not 2
second delay.
usually ssh root@hostname gives u the 2 second dealy since root is always
around :)
but say you try ssh god@hostname might not give u the dealy unless the box
has an account god
-- 
regards
Vikram (http://www.vicramresearch.com)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[ILUG-BOM] Security hole in OpenSSH