[Triumf-linux-managers] Debian/Ubuntu SSL vulnerability

Andrew Daviel advax at triumf.ca
Tue May 20 17:36:29 PDT 2008


Further to the previous alert:

If you have a recent Debian or Ubuntu system (e.g. on a laptop), running 
the "etch" release (since September 2007), and have used it to generate 
an SSH key used for access on any system (i.e. done "ssh-keygen" and 
placed a key in .ssh/authorized_keys), please:

1) upgrade OpenSSL on your system to a secure version (see e.g.
    http://www.ubuntu.com/usn/usn-612-6)
2) Delete the weak key from authorized_keys
3) Generate a new keypair and install the public key

Reportedly a weak key can be brute-forced (guessed) in about 20 minutes.
The published exploit tries 65,536 2048-bit RSA keys; I presume
that one would need to try other lengths and also DSA.

There does not seem to be any logging for a failed key attempt if 
fallback to password is disabled (at least, on my SSH-2.0-OpenSSH_4.1p1)

There is a script "dowkd.pl" available from
http://lists.debian.org/debian-security-announce/2008/msg00152.html
This is worth running. You need to get a file from CPAN:
  cpan> install File::Temp

This can check for weak keys in users' authorized_keys files and also 
known_hosts, /etc/ssh/

I confirm that the published exploit script can indeed crack a weak
password in a relatively short time.



-- 
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376  (Pacific Time)
Network Security Manager
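
Added example, not part of the original message and not dowkd.pl: a Python sketch of the kind of authorized_keys audit described above, comparing each key's MD5 fingerprint against a blocklist. The blocklist contents, the sample file and the helper `make_blob` are constructed for illustration; a real check needs the published list of weak-key fingerprints.

```python
import base64, hashlib, shlex, struct

KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # RSA and DSA, the types the alert mentions

def fingerprint(blob):
    """Colon-separated MD5 hex of the raw key blob (the form older ssh-keygen -l prints)."""
    digest = hashlib.md5(blob, usedforsecurity=False).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def blob_type(blob):
    """Key type name stored at the start of the blob: 4-byte big-endian length, then name."""
    (n,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + n].decode("ascii", "replace")

def audit(text, weak_fingerprints):
    """Return (line_no, key_type, fingerprint, comment) for every blocklisted key."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            fields = shlex.split(line)  # keeps quoted options (command="...") in one field
            idx = next(i for i, f in enumerate(fields) if f in KEY_TYPES)
            blob = base64.b64decode(fields[idx + 1], validate=True)
        except (ValueError, StopIteration, IndexError):
            continue  # unbalanced quotes, no key type, or damaged base64
        if len(blob) < 4 or blob_type(blob) != fields[idx]:
            continue  # declared type does not match the blob
        fp = fingerprint(blob)
        if fp in weak_fingerprints:
            hits.append((no, fields[idx], fp, " ".join(fields[idx + 2:])))
    return hits

def make_blob(key_type, body):
    """Constructed stand-in for a key blob; not a real key."""
    t = key_type.encode()
    return base64.b64encode(struct.pack(">I", len(t)) + t + body).decode()

WEAK = make_blob("ssh-rsa", b"constructed-weak")
GOOD = make_blob("ssh-dss", b"constructed-good")
SAMPLE = (f"# constructed sample\nssh-dss {GOOD} alice@desk\n"
          f'command="uptime -p",no-pty ssh-rsa {WEAK} bob@laptop\n')
BLOCKLIST = {fingerprint(base64.b64decode(WEAK))}  # constructed, not real weak-key data

if __name__ == "__main__":
    for hit in audit(SAMPLE, BLOCKLIST):
        print("weak key at line %d: %s %s (%s)" % hit)
```

Entries whose declared key type does not match the type inside the blob are skipped rather than reported, so a damaged line never produces a false match.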

