search for: sensitive_data

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

Hello, There's a memory allocation for sensitive_data.keys in ssh.c:848 which uses size of Key instead of Key*. This is probably harmless but seems to be wrong. --- a/ssh.c +++ b/ssh.c @@ -846,7 +846,7 @@ main(int ac, char **av) options.hostbased_authentication) { sensitive_data.nkeys = 7; sensitive_data...

...* Key host_keys num_host_keys times */ buffer_init(&m); buffer_put_cstring(&m, buffer_ptr(conf)); @@ -934,6 +938,18 @@ send_rexec_state(int fd, Buffer *conf) rexec_send_rng_seed(&m); #endif + num_host_keys = 0; + for (i = 0; i < options.num_host_key_files; i++) { + if (sensitive_data.host_keys[i] != NULL) + ++num_host_keys; + } + + buffer_put_int(&m, num_host_keys); + for (i = 0; i < options.num_host_key_files; i++) { + if (sensitive_data.host_keys[i] != NULL) + buffer_put_key(&m, sensitive_data.host_keys[i]); + } + if (ssh_msg_send(fd, 0, &m) == -1) fa...

Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169

...on as root and protocol v1 support has been disabled. The case for non-root users has already been addressed, but root follows a different code path. -- Iain Morgan diff --git a/ssh.c b/ssh.c index cceb36e..e32aa0a 100644 --- a/ssh.c +++ b/ssh.c @@ -1242,8 +1242,10 @@ main(int ac, char **av) sensitive_data.keys[i] = NULL; PRIV_START; +#ifdef WITH_SSH1 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, _PATH_HOST_KEY_FILE, "", NULL, NULL); +#endif #ifdef OPENSSL_HAS_ECC sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, "...

...tly to the network-facing process might not be such a good idea security-wise (in contrast to the much more restricted protocol of the privsep monitor), so I rearranged things so that only the monitor has the agent connection. This version also (somewhat unnecessarily) bundles public keys into the sensitive_data struct, but I didn't really see a more appropriate place to stash those. And, assuming things look OK thus far, I'm considering how best to handle the ssh-keysign problem. Since it's executed by a user's ssh client, it won't have the server's SSH_AUTH_SOCK environment vari...

...her machine. Most things seemed to work fine, except I was unable to ssh into the machine. After applying the following patch to the sshd code, a quick test with an ssh session worked: --- sshd.c~ Sat May 6 22:03:20 2000 +++ sshd.c Mon May 15 12:04:34 2000 @@ -404,9 +404,12 @@ destroy_sensitive_data(void) { /* Destroy the private and public keys. They will no longer be needed. */ - RSA_free(public_key); - RSA_free(sensitive_data.private_key); - RSA_free(sensitive_data.host_key); + if (public_key != NULL) + RSA_free(public_key); + if (sensit...

...e of server host key: " "actual size is %d bits vs. announced %d.", rbits, bits); log("Warning: This may be due to an old implementation of ssh."); --- sshd.c.O Thu Jul 5 10:49:10 2001 +++ sshd.c Thu Jul 5 10:49:27 2001 @@ -1217,7 +1217,12 @@ packet_put_bignum(sensitive_data.server_key->rsa->n); /* Store our public host RSA key. */ - packet_put_int(BN_num_bits(sensitive_data.ssh1_host_key->rsa->n)); + len = BN_num_bits(sensitive_data.ssh1_host_key->rsa->n); + if ((datafellows & SSH_BUG_SERVERLIESSIZE) && (len & 1)) { + /* old s...

...ertions(+) diff --git a/sshd.c b/sshd.c index dda8d9b77..cbdced5db 100644 --- a/sshd.c +++ b/sshd.c @@ -1533,6 +1533,8 @@ main(int ac, char **av) } else { do_log2(ll, "Unable to load host key: %s", options.host_key_files[i]); + sshkey_free(pubkey); + pubkey = NULL; sensitive_data.host_keys[i] = NULL; sensitive_data.host_pubkeys[i] = NULL; continue; -- 2.45.2

...ost key is specified in the sshd_config that does not exist (I used "./sshd -d -d -d -f sshd_config" with the shipped sshd_config file, to work around incompatibilities with the installed sshd.com's sshd_config, and I do not have ssh2 host keys on this machine), sshd will leave sensitive_data.host_keys[<i>] uninitialized - the memory area is malloc()ed, so never initialized, and later on destroy_sensitive_data reads a pointer from it and tries to overwrite *that* memory location. A quick fix is appended below: if a host key file can't be read, host_keys[i] is set to NULL....

...entity_files[SSH_MAX_IDENTITY_FILES]; Key *identity_keys[SSH_MAX_IDENTITY_FILES]; + int group_private_key; /* Local TCP/IP forward requests. */ int num_local_forwards; --- ssh.c.orig Thu Nov 27 16:31:08 2003 +++ ssh.c Thu Nov 27 16:30:46 2003 @@ -634,11 +634,13 @@ PRIV_START; sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, - _PATH_HOST_KEY_FILE, "", NULL); + _PATH_HOST_KEY_FILE, "", NULL, options.group_private_key); sensitive_data.keys[1] = key_load_private_type(KEY_DSA, - _PATH_HOST_DSA_KEY_FILE, "", NULL); + _PATH_HOST_DS...

We've run into an interesting dilemma regarding last log information and ssh 4.2p1. In 3.8, we didn't see this problem, but now has cropped up in 4.2. When a user logs in, sshd seems to call 'last' to get the last log information. 'last' then opens the /var/log/wtmp file and processes the information. On some systems, this file can be quite large, and we're seeing

...ective_uid == 0 && options.use_privileged_port, #endif - options.proxy_command) != 0) + options.proxy_command, &canohost) != 0) exit(255); if (timeout_ms > 0) @@ -880,7 +881,7 @@ /* Log into the remote system. Never returns if the login fails. */ ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, - pw, timeout_ms); + pw, timeout_ms, canohost); if (packet_connection_is_on_socket()) { verbose("Authenticated to %s ([%s]:%d).", host, @@ -889,6 +890,8 @@ verbose("Authenticated to %s (via proxy).", host); } + xfree...

...ybe someone can suggest an avenue of investigation. This seems to be happening with any release of openssh since at least 2.5.2p1. 1) Problem #1: If SSH protocol 1 is enabled then sshd segfaults right off. This turns out to be because the call to arc4random_stir is corrupting memory and making sensitive_data.server_key non NULL. When key_free is then called on it's UNALLOCATED storage, you get a pretty seg fault. 2) Problem #3: snprintf doesn't like the %.100s specifier. For some reason 00s gets printed, and all the arguments get shifted. This breaks all sorts of things in all sorts of ho...

...private ?before key_load_public_rsa1 in buffer_init in buffer_append_space in buffer_get leaving from buffer_get in buffer_free ?before key_load_private_pem ?returning from key_load_private ?after key_load_private private host key: #1 type 2 DSA ?before setting protcol version options.protocol=4 ...sensitive_data.have_ssh1_key=0? sensitive_data.have_ssh2_key=1 use_privsep=1 ?before get pwnam ?after get pwnam ?before set groups ?before daemon starts ?after daemon starts before arc4random_stir before chdir ?before signal ?after signal ?in else condition AF_INET=2, AF_INET6=10 listen_sock=0ai->ai_family=2,a...

...private before key_load_public_rsa1 in buffer_init in buffer_append_space in buffer_get leaving from buffer_get in buffer_free before key_load_private_pem returning from key_load_private after key_load_private private host key: #1 type 2 DSA before setting protcol version options.protocol=4 ...sensitive_data.have_ssh1_key=0 sensitive_data.have_ssh2_key=1 use_privsep=1 before get pwnam after get pwnam before set groups before daemon starts after daemon starts before arc4random_stir before chdir before signal after signal in else condition AF_INET=2, AF_INET6=10 listen_sock=0ai->ai_family=2,a...

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer

https://bugzilla.mindrot.org/show_bug.cgi?id=2167 Bug ID: 2167 Summary: Connection remains when fork() fails. Product: Portable OpenSSH Version: 5.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

...entication as root, and protocol v1 support has not been compiled in, ssh(1) complains about an invalid key type: # ssh testacct at somehost pwd key_load_private_type: unknown or unsupported key type /u/testacct This is due to ssh(1) attempting to load the RSA1 key (assuming that one exists) into sensitive_data.keys. This issue only occurs for root. --- Comment #1 from Damien Miller <djm at mindrot.org> --- *** This bug has been marked as a duplicate of bug 2505 *** -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the b...

...o another server as a different user. The auditing trail is broken for tracing access. userA> ssh userB at hostB A simple syslog addition (for example) to ssh.c closes that gap. /* Log into the remote system. This never returns if the login fails. */ ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw); /* added for NERC logging and auditing */ syslog(LOG_NOTICE, "ssh: user %s connected to host %s as %s", pw->pw_name, host, options.user); Thanks