Displaying 20 results from an estimated 3000 matches similar to: "ssh wish list?"
2023 Aug 06
2
Packet Timing and Data Leaks
On Thu, 3 Aug 2023, Chris Rapier wrote:
> Howdy all,
>
> So, one night over beers I was telling a friend how you could use the timing
> between key presses on a type writer to extract information. Basically, you
> make some assumptions about the person typing (touch typing at so many words
> per second and then fuzzing the parameters until words come out).
>
> The I
2009 Sep 08
3
OpenSSH and keystroke timings
Old news, but ... http://lwn.net/Articles/298833/
I first posted about this back in 2001 and it's still not resolved:
http://osdir.com/ml/ietf.secsh/2001-09/msg00000.html
1) high latency networks are a reality that will never go away. In fact they
will only become more prevalent since distributed networks continue to grow
broader but (surprise) the speed of light remains a constant.
2)
2010 Jun 14
5
cooked mode sessions
Picking up on a couple really old threads (e.g.
http://osdir.com/ml/ietf.secsh/2001-09/msg00003.html ) I've finally gotten
around to this. The EXTPROC support on Linux is missing, but you can find
kernel patches for that here
http://lkml.org/lkml/2010/6/11/403
I've also fixed up the netkit telnet / telnetd code to work with EXTPROC /
LINEMODE on Linux, those patches are here
2015 Jan 07
2
discussion about keystroke timing attacks against SSH on the cryptography ML
Hi folks.
FYI:
There's a discussion[0] about keystroke timing attacks against SSH going
on on the cryptography mailing list.
Would be interesting to hear the opinion of some OpenSSH folks what
SSH/OpenSSH is doing against this and what could maybe be don in
addition.
Especially since the main idea behind the attack is obviously not
limited to the initial authentication phase when a password
2023 Oct 23
2
ssh wish list?
Hi Chris,
On 18/10/2023 19:13, Chris Rapier wrote:
> Do any of you have a wish list of things you'd like to see in ssh?
get Roumen Petrovs pkissh implementation merged and maintained upstream
I know this is a huge page with little chances to get accepted, but I'd
like to mention this, because it has been on my personal wish list for a
long time. Sure, I can install pkissh, but if
2023 Aug 06
1
Packet Timing and Data Leaks
On Sun, 6 Aug 2023, Howard Chu wrote:
>The keystroke timing issue would be solved by adding LINEMODE support as I did back in 2010.
>https://lists.mindrot.org/pipermail/openssh-unix-dev/2010-June/028732.html
Local line editing by using GNU libreadline? *shudder* No, thanks.
bye,
//mirabilos
--
Infrastrukturexperte ? tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn ?
2023 Aug 06
1
Packet Timing and Data Leaks
Damien Miller wrote:
> On Thu, 3 Aug 2023, Chris Rapier wrote:
>
>> Howdy all,
>>
>> So, one night over beers I was telling a friend how you could use the timing
>> between key presses on a type writer to extract information. Basically, you
>> make some assumptions about the person typing (touch typing at so many words
>> per second and then fuzzing the
2011 Jan 26
1
Packets Sizes and Information Leakage
This message is a few years old so I cannot reply to the original, but
it is still of current research interest.
> So one of my coworkers is doing a little research on SSH usage in the
> wild using netflow data. One of the things he's trying to do is
> determine a way to differentiate between data transfers and interactive
> sessions. We thought of a couple of ways but we wanted
2010 Jun 17
1
Small bug in mux_master_read_cb()
I'm looking at the code from CVS as of May 21. The statement to allocate the
mux state is allocating the size of a pointer, instead of the size of the
struct being pointed to. The bug is benign in the original code because the
struct has only an int element inside it, but it would corrupt memory if the
struct were to be extended.
Simple fix here:
diff --git a/mux.c b/mux.c
index
2009 Oct 26
2
[LLVMdev] disassembly/decompiling
Hi, just read the LLVM 2.6 release announcement, the bit about llvm-mc caught
my attention. I've been looking for a tool to disassemble x86 object files
into an IR and then reassemble them into x86_64 object code. The immediate use
for them would be to convert driver blobs that some vendors provide for their
hardware (e.g. the Lucent modem driver) so they can be used in a 64 bit
kernel.
2023 Aug 07
1
Packet Timing and Data Leaks
Thorsten Glaser wrote:
> On Sun, 6 Aug 2023, Howard Chu wrote:
>
>> The keystroke timing issue would be solved by adding LINEMODE support as I did back in 2010.
>> https://lists.mindrot.org/pipermail/openssh-unix-dev/2010-June/028732.html
>
> Local line editing by using GNU libreadline? *shudder* No, thanks.
I also ported it to use libedit instead, but readline is more
2009 Oct 26
0
[LLVMdev] disassembly/decompiling
On Oct 26, 2009, at 1:00 AM, Howard Chu wrote:
> Hi, just read the LLVM 2.6 release announcement, the bit about llvm-
> mc caught
> my attention. I've been looking for a tool to disassemble x86 object
> files
> into an IR and then reassemble them into x86_64 object code. The
> immediate use
> for them would be to convert driver blobs that some vendors provide
>
2011 Jan 26
1
Randomness in packet padding length as a feature
Hello list,
RFC 4253 provides for per-packet random padding, the length of which
depends on the payload and the cipher block size. If I understand
correctly, for OpenSSH (5.7) this is done in packet.c lines 674-684
and 881-911?
Although the padding itself is random, its length is not, and the
final packet size is just a step function of the size of the payload.
This can be a problem to some
2009 Oct 27
4
[LLVMdev] disassembly/decompiling
Chris Lattner wrote:
>
> On Oct 26, 2009, at 1:00 AM, Howard Chu wrote:
>
>> Hi, just read the LLVM 2.6 release announcement, the bit about llvm-
>> mc caught
>> my attention. I've been looking for a tool to disassemble x86 object
>> files
>> into an IR and then reassemble them into x86_64 object code. The
>> immediate use
>> for them would be
2023 Jul 20
1
Ten second intermittent delay on login
On Thu, Jul 20, 2023 at 1:49?PM Johnnie W Adams <jxadams at ualr.edu> wrote:
>
> Hi, folks,
>
> We're experiencing an odd ten-second delay intermittently when logging
> into any of our Linux boxes which authenticate against LDAP. Here's where
> it happens:
>
> Jul 13 11:54:23 console2 sshd[1853]: debug1: temporarily_use_uid: <my
> uid\gid>
2023 Jul 22
1
Ten second intermittent delay on login
Nico Kadel-Garcia wrote:
> On Thu, Jul 20, 2023 at 1:49?PM Johnnie W Adams <jxadams at ualr.edu> wrote:
>>
>> Hi, folks,
>>
>> We're experiencing an odd ten-second delay intermittently when logging
>> into any of our Linux boxes which authenticate against LDAP. Here's where
>> it happens:
>>
>> Jul 13 11:54:23 console2
2010 Aug 19
0
Linemode again
My Linux kernel patches for linemode support have been pulled into the 2.6.36
release stream, so I figure it's time to finish up the work on openssh, bash,
tcsh, readline, libedit, and anything else that comes along. As I last wrote here
http://wiki.github.com/hyc/OpenSSH-LINEMODE/
I've got a few open issues remaining...
First, I re-organized muxed session handling such that all
2008 May 28
7
[Bug 1473] New: Add option to save PID of a backgrounded ssh process
https://bugzilla.mindrot.org/show_bug.cgi?id=1473
Summary: Add option to save PID of a backgrounded ssh process
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: bitbucket
2017 Feb 05
3
wireguard what do you guys tinc?
Hello everybody,
I saw Guus already had contact with Jason over email.
What do you guys tinc of wireguards, are there advantages? Jason seems
to have a good grip of what he is talking about.
https://fosdem.org/2017/schedule/event/wireguard/attachments/slides/1675/export/events/attachments/wireguard/slides/1675/wireguard_slides.pdf
https://fosdem.org/2017/schedule/event/wireguard/
Kind
2010 Jun 09
5
LPK integration - summary and ideas
Hello everybody,
I'd like to have LPK (or something like that - getting public keys from
LDAP) integrated into mainline OpenSSH.
*** First of all, a summary.
The project page at
http://code.google.com/p/openssh-lpk/
mentions that a few distributions include LPK per default; but reading the
various threads at
Support for merging LPK and hpn-ssh into mainline openssh?