[talk] [EXTERNAL] Heads Up, OpenSSH MITM "Terrapin"
George Rosamond
george at ceetonetechnology.com
Wed Dec 20 12:56:52 EST 2023
To continue the top-posting debacle here...
Yes, it's not some broad sweeping vulnerability if you read the
OSS-Security post by one of the finders:
https://www.openwall.com/lists/oss-security/2023/12/18/3
But like most people, if I hear any SSH-related CVE, I sort of jump out
of my chair in the immediate 30 seconds.
g
On 12/20/23 11:13, Callahan, Brian Robert wrote:
> Terrapin is not that serious.
>
> From the OpenSSH 9.6 release notes:
> "While cryptographically novel, the security impact of this attack
> is fortunately very limited as it only allows deletion of
> consecutive messages, and deleting most messages at this stage of
> the protocol prevents user authentication from proceeding and
> results in a stuck connection.
>
> The most serious identified impact is that it lets a MITM to
> delete the SSH2_MSG_EXT_INFO message sent before authentication
> starts, allowing the attacker to disable a subset of the keystroke
> timing obfuscation features introduced in OpenSSH 9.5. There is no
> other discernable impact to session secrecy or session integrity."
>
> https://www.openssh.com/releasenotes.html
>
> ~Brian
>
> --
> Brian Robert Callahan, Ph.D., CISSP, CCSP, SSCP, CC
> Graduate Program Director, ITWS at RPI
> Director, Rensselaer Cybersecurity Collaboratory
> Office: Lally 304
>
> -----Original Message-----
> From: talk <talk-bounces at lists.nycbug.org> On Behalf Of Isaac (.ike) Levy
> Sent: Wednesday, December 20, 2023 10:21 AM
> To: talk at lists.nycbug.org
> Subject: [EXTERNAL][talk] Heads Up, OpenSSH MITM "Terrapin"
>
> Hey all,
>
> If it's not on your holiday radar, there's a serious OpenSSH vulnerability, "Terrapin".
>
> --
> For busy folks, the fastest mitigation I've read is in the FreeBSD advisory, https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
>
> IV. Workaround
>
> Add the following lines to /etc/ssh/ssh_config and /etc/ssh/sshd_config:
> Ciphers -chacha20-poly1305@openssh.com
> MACs -*etm@openssh.com
>
> (restart sshd)
>
> --
> Gory details, history, and fancy blowfish graphics:
> https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
>
> Happy Holidays!
>
> Best,
> .ike
>
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> https://lists.nycbug.org:8443/mailman/listinfo/talk
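
A check for whether the workaround quoted above has taken effect, as an added example that is not part of the original thread or of the FreeBSD advisory: it reads effective-configuration text in the format printed by `sshd -T` or `ssh -G <host>` and lists every algorithm matching the two patterns the workaround removes. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag algorithms matched by the workaround's two patterns
# (Ciphers -chacha20-poly1305@openssh.com, MACs -*etm@openssh.com).
# Input on stdin: lowercase "ciphers ..." / "macs ..." lines with
# comma-separated lists, as printed by `sshd -T` or `ssh -G <host>`.

terrapin_flag() {
    # Prints one "keyword: algorithm" line per match, nothing if clean.
    while read -r key list; do
        case "$key" in
            ciphers|macs) ;;
            *) continue ;;
        esac
        old_ifs=$IFS
        IFS=,
        for alg in $list; do
            case "$key:$alg" in
                ciphers:chacha20-poly1305@openssh.com) echo "$key: $alg" ;;
                macs:*etm@openssh.com)                 echo "$key: $alg" ;;
            esac
        done
        IFS=$old_ifs
    done
}

terrapin_check() {
    # Returns 0 when nothing is flagged, 1 (and prints the hits) otherwise.
    hits=$(terrapin_flag)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Constructed samples in the format of `sshd -T` output (not from a real host).
sample_before='port 22
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com
macs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256'
sample_after='port 22
ciphers aes128-ctr,aes256-gcm@openssh.com
macs hmac-sha2-256'

echo "before workaround:"; printf '%s\n' "$sample_before" | terrapin_flag
echo "after workaround:";  printf '%s\n' "$sample_after"  | terrapin_flag

# On a live system (typically as root): sshd -T | terrapin_check
```

Run the check after restarting sshd, since `sshd -T` reports what the configuration files resolve to rather than what an already-running daemon loaded.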