Posted by: David Schneier
Information Security Threats
If you’re an SSH and Linux user, this is not a good week for you. Not only did Debian announce that a flaw in its OpenSSL implementation allows attackers to easily guess cryptographic keys, but now HD Moore has posted a list of SSH keys that he was able to brute-force by reverse engineering the list of blacklisted keyspace that Debian published. Oh, and there also is a large spike in the volume of active SSH probes at networks around the world, which may or may not be related to the Debian situation.
The OpenSSL flaw is the more serious of the two problems at this point, with experts recommending that affected users regenerate both their SSH keys and their SSL certificates immediately. The bottom line with this vulnerability is that any SSH key or SSL certificate generated between September 2006 and May 13, 2008, should be considered compromised.
“The situation with web certificates is even worse – the public key is really that: public. So, for a weak key generated on Debian, an attacker could derive the private key and construct a Man-In-The-Middle attack without any problems in the browser,” the folks at the Internet Storm Center wrote in a post about the problem. “Very very scary. Makes one wonder how many people used Debian to generate their SSL keys.”
The increase in SSH probes seems to be a separate issue at this point, as those brute-force attempts mostly involve password guessing. A number of posts on the Unisog security mailing list described spikes of 10 or 20 times the normal number of login attempts per day, beginning sometime in April. These attacks are mainly classic dictionary attacks, in which the attacker runs a script that attempts a remote login to an SSH server using a large list of possible passwords.
In other words, run, don’t walk, to the console and update those keys and certificates. If the good guys have already developed scripts and tools for brute-forcing the keys, you have to assume the crackers have as well.