Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Secure Shell
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===SSH-1=== In 1998, a vulnerability was described in SSH 1.5 which allowed the unauthorized insertion of content into an encrypted SSH stream due to insufficient data integrity protection from [[CRC-32]] used in this version of the protocol.<ref>{{cite web|url=http://www.coresecurity.com/content/ssh-insertion-attack|title=SSH Insertion Attack|website=[[Core Security Technologies]]|url-status=live|archive-url=https://web.archive.org/web/20110708192336/http://www.coresecurity.com/content/ssh-insertion-attack|archive-date=2011-07-08}}</ref><ref>{{cite web|url=http://www.kb.cert.org/vuls/id/13877|title=Vulnerability Note VU#13877 - Weak CRC allows packet injection into SSH sessions encrypted with block ciphers|website=[[US CERT]]|url-status=live|archive-url=https://web.archive.org/web/20100710040357/http://www.kb.cert.org/vuls/id/13877|archive-date=2010-07-10}}</ref> A fix known as SSH Compensation Attack Detector<ref>{{cite web|url=http://www.securityfocus.com/bid/2347/discuss|title=SSH CRC-32 Compensation Attack Detector Vulnerability|website=[[SecurityFocus]]|url-status=live|archive-url=https://web.archive.org/web/20080725110345/http://www.securityfocus.com/bid/2347/discuss|archive-date=2008-07-25}}</ref> was introduced into most implementations. Many of these updated implementations contained a new [[integer overflow]] vulnerability<ref>{{cite web|url=http://www.kb.cert.org/vuls/id/945216|title=Vulnerability Note VU#945216 - SSH CRC32 attack detection code contains remote integer overflow|website=US CERT|url-status=live|archive-url=https://web.archive.org/web/20051013074750/http://www.kb.cert.org/vuls/id/945216|archive-date=2005-10-13}}</ref> that allowed attackers to execute arbitrary code with the privileges of the SSH daemon, typically root. In January 2001 a vulnerability was discovered that allows attackers to modify the last block of an [[International Data Encryption Algorithm|IDEA]]-encrypted session.<ref>{{cite web|url=http://www.kb.cert.org/vuls/id/315308|title=Vulnerability Note VU#315308 - Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice|website=US CERT|url-status=live|archive-url=https://web.archive.org/web/20100711103528/http://www.kb.cert.org/vuls/id/315308|archive-date=2010-07-11}}</ref> The same month, another vulnerability was discovered that allowed a malicious server to forward a client authentication to another server.<ref name="cert1">{{cite web|url=http://www.kb.cert.org/vuls/id/684820|title=Vulnerability Note VU#684820 - SSH-1 allows client authentication to be forwarded by a malicious server to another server|website=US CERT|url-status=live|archive-url=https://web.archive.org/web/20090901012536/http://www.kb.cert.org/vuls/id/684820|archive-date=2009-09-01}}</ref> Since SSH-1 has inherent design flaws which make it vulnerable, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1.<ref name="cert1" /> Most modern servers and clients support SSH-2.<ref>{{cite web |title=How to use SSH keys for authentication |url=https://upcloud.com/community/tutorials/use-ssh-keys-authentication/ |website=Up Cloud |date=17 September 2015 |access-date=29 November 2019}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)