[OpenAFS-devel] New OpenSSH
Jeffrey Hutzelman
jhutz@cmu.edu
Thu, 26 Feb 2004 13:25:33 -0500
On Wednesday, February 25, 2004 20:12:52 +0000 Simon Wilkinson
<simon@sxw.org.uk> wrote:
> Garrett Wollman wrote:
>> <<On Wed, 25 Feb 2004 00:02:31 +0000 (GMT), sxw@inf.ed.ac.uk said:
>>
>>
>>> Also note that gssapi-with-mic is incompatible with the 'gssapi'
>>> userauth authentication method in 3.7, and earlier in my patches.
>>> There is also no support for GSSAPI key exchange.
>>
>>
>> So those of us who depend on this are still stuck with 3.6p1?
>
> You're stuck with patched 3.6p1 until such time as patches are made
> available for 3.8 :-) These are being worked on, but time is in short
> supply at present. Note that the I-D has changed since the patches for
> 3.6p1, and a new method of verifying the key exchange is now used (the
> previous method was vulnerable to MITM attacks)
Huh? There are no known problems with the GSSAPI-based key exchange
methods, and there hasn't been any change in some time. The
gss-group1-sha1-* kex methods are the same as before.
There _is_ a change related to obtaining user authentication as a
side-effect of GSSAPI-based key exchange. Originally this was done using
the 'external-keyex' userauth method, which was indeed subject to certain
kinds of mitm attacks. Because of this weakenss, this method should not
ever be enabled. The new way to obtain this functionality is to use the
'gssapi-keyex' method, which does not suffer from this problem.
Note that GSSAPI-based key exchange is entirely usable without the
external-keyex or gssapi-keyex userauth methods. Having a version of
OpenSSH which supports both gss-group1-sha1-* and gssapi-with-mic would be
a big step forward, even if it does not also support "gssapi-keyex"
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA