Is your SSH password revealed when you attempt to connect to the wrong server?

When you accidentally attempt to connect to the wrong server with password credentials, is it possible for the administrator to read and log the password you used?

Asked By: vfclists


Simply put: yes.

More detail…

If you connect to my machine then you don’t know if I’m running a normal ssh server, or one that has been modified to write out the password being passed.

Further, I wouldn’t necessarily need to modify sshd, but could write a PAM module (e.g. using pam_script), which will be passed your password.

So, yes. NEVER send your password to an untrusted server. The owner of the machine could easily have configured it to log all attempted passwords.

(In fact this isn’t uncommon in the infosec world; set up a honeypot server to log the passwords attempted)

Answered By: Stephen Harris
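As an added example of the PAM-hook approach described in the answer above (this is not code from the answer or from the pam_script project), here is a pam_script "auth" hook for sshd that records every attempted username and password while leaving the actual accept/reject decision to the remaining PAM modules, so the client sees a perfectly normal server. It assumes pam_script is loaded from /etc/pam.d/sshd with the `expose=1` option so that the cleartext password arrives in the PAM_AUTHTOK environment variable, and that pam_script also sets PAM_USER, PAM_RHOST and PAM_TYPE; the option and variable names, the script name pam_script_auth and the log path are assumptions made here, so check them against the pam_script documentation on your distribution.

```sh
#!/bin/sh
# Added example, not the answer's code: a pam_script "auth" hook for sshd that
# records every password attempt. Assumes /etc/pam.d/sshd contains
#     auth  required  pam_script.so expose=1
# so that pam_script runs this file as pam_script_auth with the cleartext
# password in $PAM_AUTHTOK, plus $PAM_USER, $PAM_RHOST and $PAM_TYPE
# (option and variable names are assumptions; verify against your pam_script).

# log_attempt USER PASSWORD RHOST
# Appends one tab-separated line to $HONEYPOT_LOG (default path chosen here).
log_attempt() {
    user=$1; pass=$2; rhost=$3
    log="${HONEYPOT_LOG:-/var/log/ssh-honeypot.log}"
    ts=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    umask 077                     # the log holds cleartext passwords: keep it 0600
    # tab separators keep passwords containing ':' or spaces parseable
    printf '%s\t%s\t%s\t%s\n' "$ts" "$rhost" "$user" "$pass" >> "$log"
}

# count_from RHOST -> number of logged attempts from that client address
count_from() {
    awk -F'\t' -v h="$1" '$2 == h' "${HONEYPOT_LOG:-/var/log/ssh-honeypot.log}" \
        | wc -l | tr -d ' '
}

# Only act when PAM is actually invoking us for authentication (PAM_TYPE=auth);
# when this file is sourced for testing, nothing below runs.
if [ "${PAM_TYPE:-}" = "auth" ]; then
    log_attempt "${PAM_USER:-?}" "${PAM_AUTHTOK:-<not exposed>}" "${PAM_RHOST:-?}"
    # exit 0 leaves accept/reject to the remaining modules (pam_unix etc.), so
    # the server behaves exactly like a normal one from the client's point of view
    exit 0
fi
```

Note that nothing about this is visible to the client: the SSH transport is still encrypted, the host key is genuine, and a correct password still logs you in. The only evidence is the log file on the server, which is exactly the point of the answer.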

Yes.

The password is sent after the encrypted connection is established, but the remote server gets the password in plaintext.

If you care about that, the best and easiest solution is to use SSH keys.

If you have machines that cannot accept keys, then one solution would be to create a tool that stores your passwords safely, and then uses sshpass to always send the correct password depending on the server you’re connecting to.


Now, the reason the password is sent in plaintext is that it leaves all decisions of handling and storing it to the remote end, and the client can be totally dumb. There are a couple of different password hashing (storage) formats used in Linux and BSD systems during the last ten years or so (crypt(3)), none of which require support from the client.

Though that’s partly because of history, too (i.e. it’s always been like that). There are better challenge-response authentication protocols that could be used even with passwords. For example SRP, that provides the parties with a shared secret during the authentication. It has been implemented for some SSH servers, but the patch for OpenSSH is for a (very) old version.

Answered By: ilkkachu
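As an added illustration of the sshpass suggestion in the answer above (example code, not from the answer or from sshpass itself): a wrapper that keeps one password file per host under a private directory and hands it to sshpass with `-f`, so the password never appears on the command line, in `ps` output, or in shell history, and is only ever sent to the host it was stored for. The directory layout `$HOME/.ssh/passwords/<host>` and the permission checks are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not the answer's code: per-host password store for sshpass.
# Assumes sshpass is installed and that passwords live one per file in
# $PW_DIR/<host> (a layout chosen for this example), each file mode 0600.

PW_DIR="${PW_DIR:-$HOME/.ssh/passwords}"

# host_of [user@]host -> host   (the part after the last '@')
host_of() {
    printf '%s\n' "${1##*@}"
}

# pwfile HOST -> prints the password file path if it exists and is private;
# fails (non-zero) otherwise so the caller never falls back to a prompt.
pwfile() {
    host=$1
    case "$host" in
        */*|.*|"")               # no path tricks, no hidden files, no empty name
            echo "refusing host name '$host'" >&2; return 1 ;;
    esac
    f="$PW_DIR/$host"
    [ -f "$f" ] || { echo "no password stored for $host" >&2; return 1; }
    # group/other permission bits are columns 5-10 of 'ls -l' output
    perm=$(ls -ld "$f" | cut -c5-10)
    [ "$perm" = "------" ] || {
        echo "$f is readable by others; fix with: chmod 600 $f" >&2; return 1; }
    printf '%s\n' "$f"
}

# ssh_with_password [user@]host [ssh args...]
# Looks up the stored password for the host and runs ssh through sshpass.
ssh_with_password() {
    target=$1; shift
    f=$(pwfile "$(host_of "$target")") || return 1
    # -f reads the password from the file, so it is not on the command line
    sshpass -f "$f" ssh "$target" "$@"
}
```

Usage: `ssh_with_password alice@host-a.example`. Two properties matter here. First, `ls -ld` plus the `case` guard makes the wrapper refuse to use a file that other users could read or a host name that escapes the store. Second, sshpass only answers ssh's password prompt; if the host key is not already in known_hosts it exits with status 6 instead of typing the password, which is what you want given the question: verify the host key out of band first, then the wrapper will hand over the password.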

To build on top of Stephen Harris’s answer, here is a real-time view I built that shows what a modified PAM auth script would be able to capture when connecting to a box over ssh (a honeypot of sorts). I use a modified version of the PAM library lib-storepw.

https://livesshattack.net

https://livesshattack.net/about

Answered By: Willie S.

SSH is a protocol which requires mutual trust. That is the reason why the OpenSSH client maintains a known_hosts file, to implement its trust on first use scheme.

When you attempt to log on to an SSH server, regardless of who supplied the software or what data it is configured to log, you are participating in some authentication procedure. When using password authentication, you are transmitting your password to that server. This is one reason why asymmetric cryptography (public key, certificates) is recommended – public key cryptography greatly reduces the risk of disclosing your credentials. (Although that may not protect you from an MitM attack if using ssh-agent forwarding or some similar scheme.)

Answered By: jvoorhis