OPIE considered insecure
Daniel Roethlisberger
daniel at roe.ch
Wed Feb 11 04:22:09 PST 2009
Dag-Erling Smørgrav <des at des.no> 2009-02-11:
> Jason Stone <freebsd-security at dfmm.org> writes:
> > Right, but that's not the problem they're trying to solve.
> > They're trying to solve the problem of logging in _from_ an
> > untrusted machine, to a trusted machine.
>
> If the machine you're logging in *from* is untrusted, you're
> SOL. Even with OPIE or similar mechanisms, somebody might
> piggyback on your SSH connection. The best you can do is boot
> from a CD or USB fob you prepared yourself, and even then,
> there might be a hardware key logger installed on the computer.
Or the BIOS trojaned.
Your statement is of course correct, logging in from untrusted
machines can never be secure. However, OPIE still raises the bar
on the required capabilities for an attack (active, real-time
attack versus passive keylogging / data dumping).
--
Daniel Roethlisberger
http://daniel.roe.ch/
More information about the freebsd-security
mailing list