The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
References:
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
Created openssh tracking bugs for this issue: Affects: fedora-all [bug 1852931]
Statement: This attack is only feasible when connecting to malicious man-in-the-middle SSH servers whose host keys have not been verified by the ssh client-side users. The attacker can only detect whether the client is using a host key from its key store or a new host key has been presented to it. Therefore, this does not present a real-world attack scenario.
Mitigation: Always connect to SSH servers with verified host keys to avoid any possibility of a man-in-the-middle attack.
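An added example for the mitigation above (not part of the original bug report and not OpenSSH code): it parses a known_hosts file, including hashed entries, and lists the targets that have no stored host key, which are the connections that would go through the initial key exchange and whose key should be verified out of band first. The host names, salt and key blobs are constructed placeholders, and `@cert-authority` lines are deliberately not counted as pins.

```python
import base64, hashlib, hmac, re

def hash_host(name, salt):
    """Hashed host field as written by HashKnownHosts: |1|b64(salt)|b64(HMAC-SHA1)."""
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def _glob(pattern, name):
    # known_hosts patterns only give '*' and '?' a special meaning
    rx = re.escape(pattern.lower()).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, name) is not None

def _field_matches(field, name):
    if field.startswith("|1|"):
        try:
            _, _, salt_b64, mac_b64 = field.split("|")
            salt, mac = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
        except ValueError:
            return False  # malformed hashed entry
        return hmac.compare_digest(mac, hmac.new(salt, name.encode(), hashlib.sha1).digest())
    patterns = field.split(",")
    if any(p.startswith("!") and _glob(p[1:], name) for p in patterns):
        return False  # a negated pattern vetoes the whole line
    return any(_glob(p, name) for p in patterns if not p.startswith("!"))

def pinned_key_types(known_hosts_text, host, port=22):
    """Key types already stored for host; an empty set means first contact."""
    name = host.lower() if port == 22 else "[%s]:%d" % (host.lower(), port)
    types = set()
    for line in known_hosts_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0][0] in "#@":
            continue  # skip blanks, comments, @revoked and @cert-authority lines
        if _field_matches(parts[0], name):
            types.add(parts[1])
    return types

def first_contact_targets(known_hosts_text, targets):
    """Targets (host, port) with no stored key: verify these out of band first."""
    return [t for t in targets if not pinned_key_types(known_hosts_text, *t)]

# Constructed sample store; the key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    "# constructed example",
    "git.example.org,192.0.2.10 ssh-ed25519 AAAAC3PLACEHOLDER1",
    hash_host("bastion.example.org", b"constructed-salt-001") + " ecdsa-sha2-nistp256 AAAAE2PLACEHOLDER2",
    "[build.example.org]:2222 ssh-rsa AAAAB3PLACEHOLDER3",
    "@revoked old.example.org ssh-rsa AAAAB3PLACEHOLDER4",
])
```

Run it against the contents of the user's own known_hosts file and the list of hosts a job is about to contact; any target it returns should have its fingerprint confirmed through a separate channel before the first connection.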
Hi *, I do not agree with the low impact classification for this bug. In fact, the information leak allows MitM to filter out target hosts that have stored a previously exchanged host-key and attack only those hosts that go through the initial key exchange procedure. Most users have limited capabilities to validate the host key fingerprint and therefore accept the first key presented to them. With the CVE-2020-14145 it is significantly less likely that the MitM will be discovered. Or on the other hand: if this bug is fixed, the MitM faces a substantial risk to be discovered by users that get a warning about host key changed. For this reason, it is highly desired that this bug will be fixed. Best regards, Sebastian Hetze
Hello Team, Any updates on this? Regards, Nikhil Joshi
Hello, Any updates on this? Regards, Nikhil Joshi