This doesn't seem to be present in ssh.com's SSH 3.0.1... bash-2.05$ ssh -V ssh: SSH Secure Shell 3.0.1 (non-commercial version) Failed login with valid account... bash-2.05$ ssh -l vince localhost vince's password: vince's password: vince's password: warning: Authentication failed. Disconnected; no more authentication methods available (No further authentication methods available.). Failed login with invalid account... bash-2.05$ ssh -l 123james321 localhost -p 123james321's password: 123james321's password: 123james321's password: warning: Authentication failed. Disconnected; no more authentication methods available (No further authentication methods available.). Failed scp session with valid account... bash-2.05$ touch test bash-2.05$ scp test vince@localhost#22:/home/vince/test2 vince@localhost's password: vince@localhost's password: vince@localhost's password: scp: warning: ssh2 client failed to authenticate. (or you have too old ssh2 installed, check with ssh2 -V) warning: Authentication failed. Disconnected; no more authentication methods available (No further authentication methods available.). scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. Failed scp session with invalid account... bash-2.05$ scp test 123james321@localhost#22:/home/vince/test2 123james321@localhost's password: 123james321@localhost's password: 123james321@localhost's password: scp: warning: ssh2 client failed to authenticate. (or you have too old ssh2 installed, check with ssh2 -V) warning: Authentication failed. Disconnected; no more authentication methods available (No further authentication methods available.). scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. As you can see, both valid and invalid accounts return the same response. - Vince On 03 Sep 2001 16:09:35 +0200, Marco van Berkum wrote: > Hi, > > --- My two cents--- > > As we were playing a bit with some SSH versions we > came across some interesting 'bugs'. I hope this is not > a 'known' bug, but I wasn't able to find any documentation > regarding this flaw. > > I'll show the test from SSH 2.4.0 -> 2.4.0 > (non-commercial version) > > Making a telnetconnection to see the version: > > root@ws:~# telnet test 22 > Trying 192.168.1.15... > Connected to test. > Escape character is '^]'. > SSH-1.99-2.4.0 SSH Secure Shell (non-commercial) > ^] > telnet> q > Connection closed. > > This is my SSH version: > > root@ws:~# ssh -V > ssh: SSH Secure Shell 2.4.0 (non-commercial version) on > i686-pc-linux-gnu > > Lets try to make a ssh connection for a non existing user: > > root@ws:~# ssh blaaaaa@test > blaaaaa's password: > warning: Authentication failed. > Disconnected; connection lost (Connection closed.). > > Now I try it for a existing user: > > root@ws:~# ssh marco@test > marco's password: > marco's password: > marco's password: > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > > A clear difference in the output. > > Now lets try scp with a non existing user. > > root@ws:~# touch test.txt > root@ws:~# scp test.txt blaaa@test:/home/blaaa > blaaa@test's password: > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 installed, check with ssh2 -V) > warning: Authentication failed. > Disconnected; connection lost (Connection closed.). > scp: warning: child process (ssh2) exited with code 1. > > And now with a existing user > > root@ws:~# scp test.txt marco@test:/home/marco > marco@test's password: > marco@test's password: > marco@test's password: > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 installed, check with ssh2 -V) > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: child process (ssh2) exited with code 1. > > Again, a clear difference in the output. > > > --- Christian Schwalm's two cents---- > > configuration: > moderson: ssh 3.0.1 solaris8/sparc (ssh2) > eldoc: ssh 2.4.0 solaris8/x86 (ssh1/ssh2) > > schwalm is a valid user, blaaaaa not. (add or remove some a´s > in blaaaaa .. i didnt count them every time) bla.txt is a normal > textfile containing some random chars. (bla in this case hehe) > > scp´ing with correct password works fine in all cases without > any error msgs. > > now we do some 3.0.1 -> 2.4.0 > > # scp bla.txt blaaaaaa@eldoc:/tmp > blaaaaaa@eldoc's password: > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 > installed, check with ssh2 -V) > warning: Authentication failed. > Disconnected; connection lost (Connection closed.). > scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. > > # scp bla.txt schwalm@eldoc:/tmp > schwalm@eldoc's password: > schwalm@eldoc's password: > schwalm@eldoc's password: > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 > installed, check with ssh2 -V) > scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. > > lets see what happens in case of 2.4.0 -> 3.0.1 > > # scp bla.txt blaaaaaa@moderson:/tmp > blaaaaaa@moderson's password: > blaaaaaa@moderson's password: > blaaaaaa@moderson's password: > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: child process (ssh2) exited with code 1. > > # scp bla.txt schwalm@moderson:/tmp > schwalm@moderson's password: > schwalm@moderson's password: > schwalm@moderson's password: > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: child process (ssh2) exited with code 1. > > No difference here. > > here we try some 3.0.1 -> 3.0.1 > > # scp bla.txt schwalm@moderson:/tmp > schwalm@moderson's password: > schwalm@moderson's password: > schwalm@moderson's password: > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 installed, check with ssh2 -V) > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. > > # scp bla.txt blaaaaaa@moderson:/tmp > blaaaaaa@moderson's password: > blaaaaaa@moderson's password: > blaaaaaa@moderson's password: > warning: Authentication failed. > Disconnected; no more authentication methods available (No further > authentication methods available.). > scp: warning: ssh2 client failed to authenticate. (or you have too old > ssh2 installed, check with ssh2 -V) > scp: warning: child process (/usr/local/bin/ssh2) exited with code 1. > > Also here a slight difference in the output (different order, tried > several times) > > -- > Christian `eldoc´ Schwalm > schwalmATinformatikDOTuni-hannoverDOTde > "dont make your programs userfriendly, make your users friendly" > > ----- > > With other words... usernames of ssh 2.4.0 (ssh+scp) and > 3.0.1 (scp) are guessable ?!? > > keep me informed... > > grtz, > Marco van Berkum > > > -- > GCC dpu s:--- a- C+++ US++++ P++ L+++ E---- W N o-- K w--- > O- M-- V-- PS+++ PE-- Y+ PGP--- t--- 5 X R* tv++ b+++ DI-- D---- > G++ e- h+ r y* > +---------------------+------------------+-------------------+ > | Marco van Berkum | MB17300-RIPE | Security Engineer | > | http://ws.obit.nl | "Chernobyl used | Network Admin | > | m.v.berkumat_private | Windows" | UNIX | > +---------------------+------------------+-------------------+ > > > >
This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 01:38:14 PDT