From owner-freebsd-security  Thu May 31 18:37:40 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-66.dsl.lsan03.pacbell.net [63.207.60.66])
	by hub.freebsd.org (Postfix) with ESMTP id 4268037B422
	for <freebsd-security@FreeBSD.ORG>; Thu, 31 May 2001 18:37:37 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id C04BF678A5; Thu, 31 May 2001 18:37:32 -0700 (PDT)
Date: Thu, 31 May 2001 18:37:32 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Crist Clark <crist.clark@globalstar.com>
Cc: "f.johan.beisser" <jan@caustic.org>, Alex Holst <a@area51.dk>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd)
Message-ID: <20010531183732.B12216@xor.obsecurity.org>
References: <Pine.BSF.4.21.0105311727160.66343-100000@pogo.caustic.org> <3B16E7D9.3E9B78FF@globalstar.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="s/l3CgOIzMHHjg/5"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3B16E7D9.3E9B78FF@globalstar.com>; from crist.clark@globalstar.com on Thu, May 31, 2001 at 05:54:49PM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--s/l3CgOIzMHHjg/5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 31, 2001 at 05:54:49PM -0700, Crist Clark wrote:

> *sigh*
>=20
> You cannot 'record passphrases.' RSA authentication uses public key
> cryptography. The client, the person logging in, proves it knows a=20
> secret, the private key, without ever revealing it to the server who
> only knows the public key.

The ssh client on the sourceforge machine was trojaned; when the user
entered their private key passphrase on the compromised machine (in
order for the client to decrypt the private key and then perform RSA
handshake with the server) it stored a copy.  Once you have access to
that credential you can use it to impersonate that user to other
systems which trust it.

> The use of public key crypto allows you to log into potentially=20
> untrusted servers without revealing your secret.

But if you log in FROM an untrusted system using SSH and an
authentication protocol which uses a persistent credential token on
the client side (e.g. UNIX passphrase, RSA key, but not e.g. OPIE)
then all bets are off because you must give the malicious client
access to that credential in order for it to authenticate on your
behalf.

Kris

--s/l3CgOIzMHHjg/5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7FvHcWry0BWjoQKURAkw9AJ4oPK/aw9a5Lzcfh3o8Ng4OKYAz0ACfS0U+
RciCaLUaqOwUFOW4vOIeCrw=
=OAUl
-----END PGP SIGNATURE-----

--s/l3CgOIzMHHjg/5--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message