bugzilla-daemon at mindrot.org
2005-Jan-20  09:45 UTC
[Bug 975] Kerberos authentication timing can leak information about account validity
http://bugzilla.mindrot.org/show_bug.cgi?id=975
           Summary: Kerberos authentication timing can leak information
                    about account validity
           Product: Portable OpenSSH
           Version: -current
          Platform: All
               URL: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=110371328918329&w=2
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Kerberos support
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: dtucker at zip.com.au
There is apparently a difference in behaviour in the Kerberos code for existing
vs nonexistent users.  See the thread in the URL.
To summarise the thread:
Senthil Kumar said:
> I tested [with the patch in bug #971 - dt] OpenSSH-3.9p1 with the following
> options in sshd configuration
> 
> ChallengeResponseAuthentication `no`
> KerberosAuthentication `yes`
> passwordauthentication `yes`
> 
> but it shows difference in time for the appearance of password prompts for 
> both valid and invalid users. The code shows PAM-password Authentication is
> not attempted when KerberosAuthentication is enabled. So by disabling 
> kerberosAuthentication there is no difference in time for the appearance of
> password prompts for both valid and invalid users (i.e. both cases have 
> considerable amount of delay).
Later testing showed that the early return in auth-krb5.c when !authctxt->valid
is the cause of the difference.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Jan-20  11:20 UTC
[Bug 975] Kerberos authentication timing can leak information about account validity
http://bugzilla.mindrot.org/show_bug.cgi?id=975
------- Additional Comments From senthilkumar_sen at hotpop.com  2005-01-20 22:20 -------
Created an attachment (id=778)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=778&action=view)
Patch for Kerberos timing difference for Valid and Invalid user
For PAM-Passwd Authentication with KerberosAuthentication being set to yes,
there exists a time difference for valid user and invalid user. The attached
patch fixes that. I was asked on the mailing list to move the authctxt->valid
check to the out block in auth-krb5.c, but I think it is not necessary.
bugzilla-daemon at mindrot.org
2005-Jan-27  07:24 UTC
[Bug 975] Kerberos authentication timing can leak information about account validity
http://bugzilla.mindrot.org/show_bug.cgi?id=975
dtucker at zip.com.au changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #778 is|0                           |1
           obsolete|                            |
------- Additional Comments From dtucker at zip.com.au  2005-01-27 18:24 -------
Created an attachment (id=790)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=790&action=view)
check authctxt->valid on return too
I think it's safer to check authctxt->valid anyway, e.g. in case the user
is listed in DenyUsers.
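The pattern discussed in this bug, as an added example that is not OpenSSH code and not part of the original messages: an early return on an invalid account skips the slow Kerberos step, while the uniform version always performs it and checks validity on return. The names `kdc_verify`, `auth_early_return`, `auth_uniform` and `cost`, the simplified `struct authctxt`, and the sample credentials are assumptions made for illustration; a call counter stands in for elapsed time.

```c
/* Constructed model of the pattern discussed in this bug; not OpenSSH source. */
#include <stdio.h>
#include <string.h>

struct authctxt { int valid; const char *user; };   /* hypothetical stand-in */

static unsigned long kdc_calls;   /* counts simulated KDC round trips (the slow step) */

/* Stand-in for the Kerberos exchange. Constructed store: "alice" / "s3cret". */
static int kdc_verify(const char *user, const char *password)
{
    kdc_calls++;
    return strcmp(user, "alice") == 0 && strcmp(password, "s3cret") == 0;
}

/* Before: returns ahead of the slow step, so invalid accounts answer sooner. */
int auth_early_return(const struct authctxt *a, const char *password)
{
    if (!a->valid)
        return 0;
    return kdc_verify(a->user, password);
}

/* After: always pay for the slow step, then check validity on return too. */
int auth_uniform(const struct authctxt *a, const char *password)
{
    int ok = kdc_verify(a->user, password);
    return ok && a->valid;
}

/* Slow steps spent on one attempt; a deterministic proxy for response time. */
unsigned long cost(int (*fn)(const struct authctxt *, const char *),
                   const struct authctxt *a, const char *password)
{
    unsigned long before = kdc_calls;
    (void)fn(a, password);
    return kdc_calls - before;
}

int main(void)
{
    struct authctxt valid = {1, "alice"}, unknown = {0, "nosuch"};
    printf("early return: valid=%lu invalid=%lu\n",
           cost(auth_early_return, &valid, "x"), cost(auth_early_return, &unknown, "x"));
    printf("uniform:      valid=%lu invalid=%lu\n",
           cost(auth_uniform, &valid, "x"), cost(auth_uniform, &unknown, "x"));
    return 0;
}
```

The counter only captures the control-flow difference; on a real system the response time also depends on how the KDC answers for principals it does not know.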