1. Vulnerability was verified against OpenSSH 4.7p1 on Debian
ok, good, I checked my versions of OpenSSH and none of them are that old. Maybe I have some breathing room here, could be a problem that is already taken care of.
2. The attack can possibly recover 32 bits of plaintext from an arbitrary block of ciphertext from an ssh session
ok, that's 32 bits of information, not bytes, bits, so not a lot, that's 4 ASCII characters.
3. The probability of success is 2^{-18}
ok, so that's 1/2^18 or 1/262144, not zero, but a pretty small number, I'm feeling better.
4. The configuration must be in the default state as the attack works against CBC mode ciphers
AHA, I see the word configuration and I run to a terminal and type man sshd_config. I then search for Ciphers and lo and behold, I see I can change the configuration easily to not use CBC mode. Nice. Time to edit sshd_config and ssh_config. Here's what I added to each file:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256

Restart the daemon. Done. No need to panic. I then take a little time to look around for an OpenSSH advisory on it and I come across this: http://www.openssh.com/txt/cbc.adv. Looks like the awesome people at OpenSSH came to the same conclusion as I did, nothing to panic about.
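A quick way to confirm the edit took effect, as an added example that is not part of the original post: the hypothetical audit_ciphers function below reads the first Ciphers line from a config file and reports any CBC entries that remain. The sample files are constructed, and the check assumes a single global Ciphers line like the one above (no per-Host overrides).

```shell
#!/bin/sh
# Added example: audit an sshd_config/ssh_config file for CBC-mode ciphers.
# Exit status of audit_ciphers (hypothetical helper name):
#   0 = explicit Ciphers list with no CBC entries
#   1 = explicit Ciphers list that still names a CBC cipher
#   2 = no usable explicit list (no Ciphers line, or a +/-/^ list that
#       only modifies the defaults), so the defaults must be checked

audit_ciphers() {
    # Keywords are case-insensitive and the first value found wins.
    # Commented-out lines never match because they start with '#'.
    list=$(awk '
        { line = $0; sub(/^[ \t]+/, "", line) }
        tolower(line) ~ /^ciphers[ \t=]/ {
            sub(/^[A-Za-z]+[ \t]*=?[ \t]*/, "", line)
            sub(/[ \t]+$/, "", line)
            print line; exit
        }' "$1")

    case $list in
        '')     echo "no Ciphers line: defaults apply"; return 2 ;;
        [+^-]*) echo "Ciphers only modifies defaults: $list"; return 2 ;;
    esac

    # Split on commas and keep any entry whose name contains "cbc".
    bad=$(printf '%s\n' "$list" | tr ',' '\n' | grep -i 'cbc' | tr '\n' ' ')
    if [ -n "$bad" ]; then
        echo "CBC ciphers still enabled: $bad"
        return 1
    fi
    echo "no CBC ciphers in: $list"
    return 0
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
printf 'Port 22\n#Ciphers aes128-cbc\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256\n' > "$demo/fixed"
printf 'ciphers aes128-ctr,aes128-cbc,3des-cbc\n' > "$demo/mixed"
printf 'Port 22\n' > "$demo/default"
for f in fixed mixed default; do
    printf '%s: ' "$f"
    audit_ciphers "$demo/$f" || true
done
rm -rf "$demo"
```

Status 2 is the case the advisory's "default state" condition refers to: with no explicit list, what is offered depends on the installed version's defaults.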