On Tue, 9 Feb 1999, Greg A. Woods wrote:
> Go read Phrack #51 (the piece about hiding trojans from tripwire using a
> hidden LKM) and then tell me how I'm going to trust an un-trusted host.
And this is not relevant as I showed - you don't trust the untrusted host.
You limit the possible effect of an intrusion through the untrusted
machine in time. The same effect can of course be achieved through using
different RSA keys which are invalidated after each use, but this is of
course much harder to use than a hardware token.
> However regardless of the authentication scheme you *MUST* still trust
> the client host before and after the initial SSH connection is opened.
No you don't. At least, you don't have to trust them forever. By
requiring reauthentication of the user after a certain time there is a
limited time window after compromise of the connection that a hacker can
attack you. After that, his window is closed and if he hasn't managed to
penetrate the system security on the "internal" system by that time he
will basically have lost. Some problems still exist with persistent state
(e.g. files on disk) which it is desirable to keep.
Please read what I and others have written before arguing that we don't
read what you write. There are two basic advantages: automatic trust
revocation after finishing the connection - we don't have to trust the
client after we have logged out. A compromise then incurs no risk of
compromise of the trusted system. The somewhat (understatement of the
year, but anyway) smaller advantage is that with a proper containment system
on the trusted host a hacker's activities will be limited in time even if
the connection is compromised.
The client is irrelevant - it can be compromised all it wants to. It has
no relevance on what I have written.
Peter
--
Peter Svensson ! Pgp key available by finger, fingerprint:
<[EMAIL PROTECTED]> ! 8A E9 20 98 C1 FF 43 E3 07 FD B9 0A 80 72 70 AF
<[EMAIL PROTECTED]> !
------------------------------------------------------------------------
Remember, Luke, your source will be with you... always...
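The time-limited trust model Peter argues for, as an added example that is not part of this thread: a store of one-time credentials that are invalidated after a single use, and a session whose trust ends at a fixed reauthentication deadline or at logout, whoever holds the connection. REAUTH_WINDOW, the class names and the simulated timeline are assumptions made for the illustration.

```python
import secrets

REAUTH_WINDOW = 600  # seconds before reauthentication is forced (assumed policy value)

class OneTimeKeyStore:
    """Credentials invalidated on first use, like the per-use RSA keys mentioned in the thread."""
    def __init__(self):
        self._unused = set()

    def issue(self):
        key = secrets.token_hex(16)  # constructed credential; a hardware token would generate this
        self._unused.add(key)
        return key

    def redeem(self, key):
        # First use removes the key, so a copy captured on the client cannot be replayed.
        if key not in self._unused:
            return False
        self._unused.remove(key)
        return True

class Session:
    """A login whose trust ends at a fixed deadline or at logout, whoever holds the connection."""
    def __init__(self, user, authenticated_at, window=REAUTH_WINDOW):
        self.user = user
        self.deadline = authenticated_at + window
        self.active = True

    def is_trusted(self, now):
        return self.active and now < self.deadline

    def logout(self):
        self.active = False  # trust revoked the moment the user finishes

def open_session(store, key, user, now):
    """Grant a Session only if the one-time key has never been redeemed."""
    return Session(user, now) if store.redeem(key) else None

def simulate():
    """Constructed timeline: login t=0, key replay t=5, hijacked session used at t=300 and t=600."""
    store = OneTimeKeyStore()
    key = store.issue()
    sess = open_session(store, key, "peter", now=0)
    replay = open_session(store, key, "intruder", now=5)
    return {
        "login_ok": sess is not None,
        "replay_rejected": replay is None,
        "hijack_inside_window": sess.is_trusted(300),
        "hijack_after_deadline": sess.is_trusted(600),
    }
```

The dictionary from simulate() shows the two properties under discussion: the captured key buys the intruder nothing on a second use, and a hijacked connection stops being trusted at the deadline even though the client host itself was never trusted.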