
Re: yet another OpenSSH timing leak?



Marco Ivaldi wrote:
It needs expect, and target ssh hostkey must be already added. I'd be very interested in knowing the results of tests performed on other distros and configurations.


Hi Marco,

Nice to meet you :-). I tried to do this test over my 10 Mbps LAN and this is the result:

giangy@thor:~/dev$ ./sshtime calipso users.txt

a@calipso                       real 9.55
root@calipso                    real 9.33 <- valid user with shell
wheel@calipso                   real 10.44
giangy@calipso                  real 9.49
cdrom@calipso                   real 9.68
burning@calipso                 real 9.47
mysql@calipso                   real 9.35
operator@calipso                real 9.59 <- valid user with shell
test@calipso                    real 9.51 <- valid user with shell

Another test:

a@calipso                  real 9.37
root@calipso               real 9.90 <- valid user with shell
wheel@calipso              real 10.66
giangy@calipso             real 9.41
cdrom@calipso              real 9.30
burning@calipso            real 10.30
mysql@calipso              real 9.47
operator@calipso           real 10.21 <- valid user with shell
test@calipso               real 10.98 <- valid user with shell
daemon@calipso             real 7.14
abcd@calipso               real 7.20


"root", "operator" and "test" are valid users with a valid shell enabled. I made this test on Slackware 11.0 (fresh installation) with OpenSSH_4.4p1. I used the default sshd_config (see http://slackware.osuosl.org/slackware-current/source/n/openssh/ for more information about the package). So, I didn't receive any timing leak in this session.

I'll try other distributions and configurations where possible. However, good work Marco :-).

Best Regards,

Gianluca Varisco
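
Added example, not part of the original message or of the sshtime script: a check of whether the two runs above separate the users marked "valid user with shell" from the rest, using an exact permutation test on the posted timings. The function names are hypothetical, and the analysis assumes one timing per user and takes the arrows in the output as the only labels.

```python
from itertools import combinations

# Timings (centiseconds) copied from the two runs in the message above.
# True = marked "valid user with shell" by the poster.
RUN1 = [(955, False), (933, True), (1044, False), (949, False), (968, False),
        (947, False), (935, False), (959, True), (951, True)]
RUN2 = [(937, False), (990, True), (1066, False), (941, False), (930, False),
        (1030, False), (947, False), (1021, True), (1098, True),
        (714, False), (720, False)]


def gap_seconds(run):
    """Mean time of marked-valid users minus mean time of the rest."""
    valid = [t for t, v in run if v]
    other = [t for t, v in run if not v]
    return (sum(valid) / len(valid) - sum(other) / len(other)) / 100


def perm_test(run):
    """Exact two-sided permutation test on the difference of means.

    Returns (extreme, total): how many of the possible assignments of the
    "valid" label to k of the n timings give a gap at least as large as the
    observed one. Integer arithmetic avoids float ties: for a labelled group
    with sum s, the mean gap is proportional to n*s - k*T.
    """
    times = [t for t, _ in run]
    n, k, total_time = len(times), sum(v for _, v in run), sum(times)
    observed = abs(n * sum(t for t, v in run if v) - k * total_time)
    extreme = total = 0
    for group in combinations(times, k):
        total += 1
        extreme += abs(n * sum(group) - k * total_time) >= observed
    return extreme, total


if __name__ == "__main__":
    for name, run in (("run 1", RUN1), ("run 2", RUN2)):
        extreme, total = perm_test(run)
        print(f"{name}: gap {gap_seconds(run):+.2f}s, p = {extreme}/{total}"
              f" = {extreme / total:.3f}")
```

The marked users come out about 0.19 s faster than the rest in the first run and about 1.26 s slower in the second, so the sign of the gap flips between runs. In both runs the gap is one that random relabelling produces more than 10% of the time (50 of 84 and 17 of 165 assignments).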