OpenSSH has user enumeration bug
Blowfish is faster than SHA256, and that's a problem when servers talk back
A bug in OpenSSH allows an attacker to check whether user names are valid on a 'net-facing server - because the Blowfish algorithm runs faster than SHA256/SHA512.
The bug hasn't been fixed yet, but in his post to Full Disclosure, Verint developer Eddie Harari says OpenSSH developer Darren Tucker knows about the issue and is working to address it.
If you send a user ID to an OpenSSH server with a long (but wrong) password – 10 kilobytes is what Harari mentions in his post – then the server will respond quickly for fake users, but slower for real users.
As the post explains, it's particular to certain configurations:
“When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hardcoded in the SSHD source code. On this hard coded password structure the password hash is based on BLOWFISH ($2) algorithm. If real users passwords are hashed using SHA256/SHA512, then sending large passwords (10KB) will result in shorter response time from the server for non-existing users.”
Of course, if the attacker is able to work out an SSH user ID, the next step would be to check it against a list of previously-hacked ID and password pairs, so as soon as OpenSSH makes its patch public, you know what to do. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust