Debian OpenSSL Vulnerability may affect other distro servers as well
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Now the weakness is 'distributed' by the users, it's not just a server-side vulnerability. If your server is running e.g. RedHat, it doesn't mean it is secure!.
In fact, if your server is running Debian and you installed the Debian security update for openssh, it will be much more secure than the RedHat server. Because the Debian server has a blacklist of keys that are too common. The other-Linux server who doesn't have this blacklist doesn't know that a certain 'weak' key is not trustworthy.
If any of you Security experts believe this overstates the danger, please say so. I'm no expert, but what he says sounds sane to me.
I'm not a security expert and I don't know if this was posted elsewhere but H.D. Moore explains the damage "better" for my tastes:
Quote:
All SSL and SSH keys generated on a Debian-based systems (Ubuntu, Kubuntu, etc) between September 2006 and May 13th, 2008 may be affected. (..) This flaw is ugly because even systems that do not use the Debian software need to be audited in case any key is being used that was created on a Debian system.
I think what the author is try to get at is this bit here:
Quote:
Any Linux/Unix/*BSD system is vulnerable that grants access to a key that was generated on an affected Debian or Ubuntu system.
He makes it sound like anyone running OpenSSH is vuln, which isn't exactly true. On my systems, both my OpenSSL and OpenSSH are built by me and have been for years now, so I've not turned out any of the keys that are potentially knowable. Say I have a user, john, home is /home/john, and he is a Debian user. He made a SSH key, sent it to me (root), and I put it in /home/john/.ssh/authorized_keys. Now john can login to my system. We find out Debian's OpenSSL is hosed, and so john replaces all his stuff. I am safe, and so I let /home/john/.ssh/authorized_keys stand, not thinking about it. Now Mr. Evil Hacker has all those weak keys in his Weak-Debian-Key kit (bet one is released real soon, if not already!) He connects to my system, and starts running thru keys to the john account, which he would hit (if not for several other security measures in place on my system). Debian has a tool to find those keys, I think it's called dowkd.pl. When I run this on my user's .ssh directory, it does in fact flag key 3, but it gives an odd message about no blacklist suitable. I'm guessing it's telling me it is a weak key? Anyway, I know it to be potentially, because while "john" isn't the user's real name, there is such a real user here, and I know he uses Debian, and generated that key only about a year ago. The solution would be 'cat /dev/null > /home/john/.ssh/authorized_keys' and notify john to re-send a properly created key.
That's my take on this without viewing the metasploit link [1]
Quote:
Nobody noticed the severity of this change for more than 2 years.
...that reported it
[1] I'm sorry, but I will not visit HDM's site, nor look at his work after his misguided attempt to filter Tor traffic by keyword on sniffed exit nodes. He has lost all credibility to me.
Both entries are showing at http://isc.sans.org/diary.html at this moment in time, although that could change later today. Note that the threatcon is yellow.
That's my take on this without viewing the metasploit link(..) He has lost all credibility to me.
With all due respect but your self-inflicted refusal to read that information harms nobody but you and leads to IMHO unnecessary rehashing. Regardless of how utterly misguided his attempts may have been, the TOR/HDM argument has no bearing on this subject unless you want to point out what he wrote is dead wrong (again). BMG, but then you would have to actually read the text, wouldn't you?..
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.