SSH - are you nuts!?!
Does Bruce Schneier lie?

by Jesse Monroy, Jr., President SVBUG

Summary and Review:

Jan. 12, 2001

This talk was given on Jan. 4, 2001. The comments from many was "You'll be making a fool of yourself". Perhaps I should have changed the title to read, "Jesse, your nuts for doing this talk". Certainly it drained me.

While this talk was not what I hoped (it was way too long 2+ hours) I think the end goal is being accomplished. What enticed me to do this talk was hearing may people at local computer club meetings say, "Anyone using telnet any more is nuts!" After the talk was completed someone told me that Bruce Schneier had give a talk stating similar words (the origin was revealed.).

As such, I found many problems. The first, and most difficult to overcome, was my peers stating that, "I was not qualified". Certainly, I am not a security expert or an encryption expert, but a I had knowledge of logic, mathematics, computer hardware & software, security and some common sense. These things, and my good friends from work and local clubs, drilled me to find the flaws in ssh. However, some, without their knowledge, would argue for ssh only to reveal a classic error in logic.

The Points listed below are points that I made during the talk. Any person disputing these points is welcome to come to San Jose and give opposing points of view durning a regular scheduled meeting of SVBUG You may schedule your rebuttal by emailing the webmaster.

Errors in this presentation are mine alone. No error here should be attributed to the origin, whatsoever. I take full responsibility for errors, misinformation, mis-attribution or falsehoods presented here.

Lastly, this is labeled "Work In Progress" for two (2) reason:

  1. I have a job, that work takes priority.
  2. More facts are being uncovered everyday, I'll post them when available.

Major Discussion Points

As I am aware that some people wish to dispute my argument I am making some of the Raw Data Available.

Updates To Information

Note: Information in this area may be incomplete until I have time to fill it in. That might be never, given the situation. If you feel you need more information on any area below, please email me.

Security Issues on FreeBSD with SSH as of this date.

OpenSSH PAM challenge/authentication error Announced: 2003-10-05
OpenSSH buffer management error Announced: 2003-09-16
openssh contains remote vulnerability Announced: 2002-07-15
OpenSSH contains exploitable off-by-one bug Announced: 2002-03-07
OpenSSH UseLogin directive permits privilege escalation [REVISED] Announced: 2001-12-02
SSH1 implementations may allow remote system, data compromise Announced: 2001-02-12
Hostile server OpenSSH agent/X11 forwarding Announced: 2001-01-15

Talk given Jan. 4, 2001

OpenSSH UseLogin directive permits remote root access Announced: 2000-07-05
ssh port listens on extra network port [REVISED] Announced: 2000-06-07

Security Issues on FreeBSD with Telnet as of this date.

telnet client buffer overflows Announced: 2005-03-28
telnetd contains remote buffer overflow Announced: 2001-08-20
telnetd contains remote buffer overflow Announced: 2001-07-23

Talk given Jan. 4, 2001

telnetd allows remote system resource consumption [REVISED] Announced: 2000-11-14 © 30-Apr-2006