Re: halt -p not working in mac mini
halt with option -ph is unknow option , and shutdown -hp now still not working always restart On Tue, Sep 9, 2008 at 2:07 PM, ropers [EMAIL PROTECTED] wrote: 2008/9/9 Lars Noodin [EMAIL PROTECTED]: sonjaya wrote: I have been susccess full install openbsd 4.3 at mac mini ( intel base), but i have problem when halt -p , the mac mini don't halt and power off only restart bellow dmesg from mac mini : Have you tried halt -ph ? -Lars That reminds me: Personally, I always derive enjoyment from typing shutdown -hp now. I'm easily amused. --ropers -- sonjaya http://sicute.blogspot.com http://www.pojokdomain.com(sell buy domain with free )
Re: ntpd can hang on boot
* Giancarlo Razzolini [EMAIL PROTECTED] [2008-09-09 21:20]: Peter Fraser escreveu: OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Bax Sent: Saturday, September 06, 2008 5:50 PM To: misc@openbsd.org Subject: Re: ntpd can hang on boot Peter Fraser wrote: I stupidly screwed up my pf.conf, as a result ntpd -s which is invoked in /etc/rc (as a result of my /etc/rc.conf.local) could not resolve the names of the time servers. What version? http://kerneltrap.org/mailarchive/openbsd-misc/2007/11/16/420560 Pal, use rdate and it will timeout after 2 minutes. I don't like to use the -s option of ntpd exactly for this problem. When there wasn't a internet connection, it will simply hang. rdate will not hang (at least not indefinitely). ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix this but haven't found the time to do so yet. maybe i get a chance on the flight later today. maybe. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: NTP offline local server question
On Wed, Sep 10, 2008 at 12:25 AM, G 0kita [EMAIL PROTECTED] wrote: I understand that without drift information the time won't be accurate to the rest of the world but I really only want local synchronization. If not I can use the port easily enough, but I was wondering if there's a tweak I'm missing somewhere. Would timed meet your needs? -- Christopher Vance
Re: Sun M-class hardware denial of service
My understanding of this issue is that it is only likely to be caused by an exploited domain, or running OpenBSD. Both should be a rare event (OpenBSD isn't really production-ready on this hardware). It's acceptable in the majority of cases to just let the domain be unused. It's a bug, it's irritating, it should be fixed, but it's not a huge problem.
Re: ntpd can hang on boot
ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix this but haven't found the time to do so yet. maybe i get a chance on the flight later today. maybe. ?DNS routines means that the problem only appears if you use a ntp server with DNS? ?Can you avoid the problem if you use an IP directly instead of DNS record? -- Thanks, Jordi Espasa Clofent
SSH question (4.3)
Hi, I've just experienced a strange problem with OpenSSH. Scenario: /etc/ssh/sshd_config: PermitRootLogin without-password = root login with ssh keys works, as expected. I've created another user, uid 1000, on the same box, and copied root's authorized_keys file over, adjusted ownership, permissions etc... = SSH login (from the same remote user) does _NOT_ work. I've added that user to the group 'wheel' = SSH login works I've removed said user from the group 'wheel' = SSH login no longer works In sshd(8), there is no mentioning of key login requiring wheel membership. This is what a non-working login attempt looks like on the server side. SSH asks for a password (this is locked): # /usr/sbin/sshd -u0 -d -e debug1: sshd version OpenSSH_4.8 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-u0' debug1: rexec_argv[2]='-d' debug1: rexec_argv[3]='-e' debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: fd 6 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9 debug1: sshd version OpenSSH_4.8 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: inetd sockets after dupping: 4, 4 Connection from 192.168.1.6 port 37071 debug1: Client protocol version 2.0; client software version OpenSSH_4.3p2 Debian-9etch2 debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.8 debug1: permanently_set_uid: 27/27 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client-server aes128-cbc hmac-md5 none debug1: kex: server-client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user admin service ssh-connection method none debug1: attempt 0 failures 0 Failed none for admin from 192.168.1.6 port 37071 ssh2 debug1: userauth-request for user admin service ssh-connection method publickey debug1: attempt 1 failures 1 debug1: test whether pkalg/pkblob are acceptable debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: trying public key file /H/admin/.ssh/authorized_keys debug1: restore_uid: 0/0 debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: trying public key file /H/admin/.ssh/authorized_keys2 debug1: restore_uid: 0/0 Failed publickey for admin from 192.168.1.6 port 37071 ssh2 debug1: userauth-request for user admin service ssh-connection method keyboard-interactive debug1: attempt 2 failures 2 debug1: keyboard-interactive devs debug1: auth2_challenge: user=admin devs= debug1: kbdint_alloc: devices 'bsdauth' debug1: auth2_challenge_start: trying authentication method 'bsdauth' Connection closed by 192.168.1.6 debug1: do_cleanup debug1: do_cleanup The same thing after adding the user to the group 'wheel': # /usr/sbin/sshd -u0 -d -e debug1: sshd version OpenSSH_4.8 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-u0' debug1: rexec_argv[2]='-d' debug1: rexec_argv[3]='-e' debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: fd 6 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9 debug1: sshd version OpenSSH_4.8 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: inetd sockets after dupping: 4, 4 Connection from 192.168.1.6 port 37076 debug1: Client protocol version 2.0; client software version OpenSSH_4.3p2 Debian-9etch2 debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.8 debug1: permanently_set_uid: 27/27 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client-server aes128-cbc hmac-md5 none debug1: kex: server-client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: expecting
Re: SSH question (4.3)
Hi! On Wed, Sep 10, 2008 at 12:55:00PM +0200, Toni Mueller wrote: [...] debug1: trying public key file /H/admin/.ssh/authorized_keys2 ls -ld /H /H/admin /H/admin/.ssh /H/admin/.ssh/authorized_keys /H/admin/.ssh/authorized_keys2 (I.e. check whether there's some intervening dir that's not accessible to user admin/group admin, but to group wheel). [...] Kind regards, Hannah.
Re: SSH question (4.3)
On 2008-09-10, Toni Mueller [EMAIL PROTECTED] wrote: /etc/ssh/sshd_config: PermitRootLogin without-password = root login with ssh keys works, as expected. I've created another user, uid 1000, on the same box, and copied root's authorized_keys file over, adjusted ownership, permissions etc... = SSH login (from the same remote user) does _NOT_ work. I've added that user to the group 'wheel' = SSH login works I've removed said user from the group 'wheel' = SSH login no longer works Does this apply? If this file, the ~/.ssh directory, or the user's home directory are writable by other users, then the file could be modified or replaced by unauthorized users. In this case, sshd will not al- low it to be used unless the StrictModes option has been set to ``no''. The recommended permissions can be set by executing ``chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys''. Specifically, is the user's home directory writable by wheel?
Apache lib/link problem
as of OpenBSD 4.4-current (GENERIC.MP) #1838: Tue Sep 9 16:35:25 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP I'm having a link error in Apache: /usr/sbin/httpd:/usr/lib/libssl.so.11.0: /usr/lib/libssl.so.12.0 : WARNING: symb ol(ssl2_ciphers) size mismatch, relink your program /usr/sbin/httpd:/usr/lib/libssl.so.11.0: /usr/lib/libssl.so.12.0 : WARNING: symb ol(ssl3_ciphers) size mismatch, relink your program Thanks for any suggestion. -- O. Griener
Re: ntpd can hang on boot
Henning Brauer escreveu: ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix this but haven't found the time to do so yet. maybe i get a chance on the flight later today. maybe. I never believed it wouldn't :-) but, from my experience, rdate timeout exactly after 2 minutes. Not *that* far away so. Just for curiosity, what are the dns routines differences between them? -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Re: SSH question (4.3)
Hi, On Wed, 10.09.2008 at 11:57:46 +, Stuart Henderson [EMAIL PROTECTED] wrote: Specifically, is the user's home directory writable by wheel? no, I've checked this. But I will have to check whether Hannah's hint, too... (should have had this idea earlier, doh!). Kind regards, --Toni++
Re: ntpd can hang on boot
* Giancarlo Razzolini [EMAIL PROTECTED] [2008-09-10 15:43]: Henning Brauer escreveu: ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix this but haven't found the time to do so yet. maybe i get a chance on the flight later today. maybe. I never believed it wouldn't :-) but, from my experience, rdate timeout exactly after 2 minutes. Not *that* far away so. Just for curiosity, what are the dns routines differences between them? ou won't make me read rdate now -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: ntpd can hang on boot
Henning Brauer escreveu: * Giancarlo Razzolini [EMAIL PROTECTED] [2008-09-10 15:43]: Henning Brauer escreveu: ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix this but haven't found the time to do so yet. maybe i get a chance on the flight later today. maybe. I never believed it wouldn't :-) but, from my experience, rdate timeout exactly after 2 minutes. Not *that* far away so. Just for curiosity, what are the dns routines differences between them? ou won't make me read rdate now Hahahahahhah... Don't bother. Whatever are the differences (if there are some), rdate definitely timeout after 2 minutes. Confirmed in a little openbsd virtual machine of mine. So, for the original poster, i recommend that you sticky with rdate for now, it will timeout faster than ntpd -s. When Henning changes the ntpd code (that i expect will be on both current and 4.4), you get back to ntpd -s. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Re: Sun M-class hardware denial of service
My understanding of this issue is that it is only likely to be caused by an exploited domain, or running OpenBSD. Both should be a rare event (OpenBSD isn't really production-ready on this hardware). It's acceptable in the majority of cases to just let the domain be unused. It's a bug, it's irritating, it should be fixed, but it's not a huge problem. No, it is not just irritating. It is a serious DOS, and a risk that one does not expect in boxes that cost that much. You have completely failed to understand.
Re: [BUGS or FEATURE] Ifconfig
On Tue, 09 Sep 2008 22:15:39 +0700, Jason Dixon [EMAIL PROTECTED] wrote: On Tue, Sep 09, 2008 at 10:15:16AM -0400, Jason Dixon wrote: I can confirm this on a kernel I bought last night for testing Henning's Obviously I meant built. Although I've already put my pre-order in, maybe that counts? ;) Hi Misc@, Just to confirm On 10 sept 2008 kernel the problem was fix. Thanks, Insan -- insandotpraja(at)gmaildotcom
Re: Apache lib/link problem
library major version bumps. welcome to tracking -current... it happens. you probably have something like php with php-mhash or php-mcrypt installed. your httpd is linked against libssl.12, but the php goo is linked against libssl.11. you can either wait for new packages, or build 'em yourself. On Wed, Sep 10, 2008 at 5:54 AM, O. Griener [EMAIL PROTECTED] wrote: as of OpenBSD 4.4-current (GENERIC.MP) #1838: Tue Sep 9 16:35:25 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP I'm having a link error in Apache: /usr/sbin/httpd:/usr/lib/libssl.so.11.0: /usr/lib/libssl.so.12.0 : WARNING: symb ol(ssl2_ciphers) size mismatch, relink your program /usr/sbin/httpd:/usr/lib/libssl.so.11.0: /usr/lib/libssl.so.12.0 : WARNING: symb ol(ssl3_ciphers) size mismatch, relink your program Thanks for any suggestion. -- O. Griener -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Ekskluzivno: Space Bag 7 septembarska ušteda
Top Shop Ekskluzivna pretprodaja - samo na internetu! SPECIJALNA JESENJA PONUDA! Space Bag do 30. septembra po Äak 15% nižoj ceni! I to nije sve... Predstavljamo: Steper sa tegovima SUPER cena za jesenje spremanje! Space Bag 7 Set Vreme je za jesenje spremanje, a VaÅ¡i ormari su jednostavno prenatrpani? Imamo pravo reÅ¡enje za Vas! Space Bag Uz Space Bag 7 Set: * UtrostruÄiÄete prostor u svom ormaru * ZaÅ¡titiÄete posteljinu i garderobu od praÅ¡ine, vlage, neprijatnih mirisa i grinja * VreÄe su vodootporne i ne propuÅ¡taju vazduh * Providne su - tako da lako možete naÄi sve Å¡to Vam zatreba Redovna cena: 2.690,00 RSD VaÅ¡a cena -2.290,00 RSD Space Bag SAMO U SEPTEMBRU! Kliknite ovde i poruÄite odmah! SEPTEMBARSKA UÅ TEDA! NE PROPUSTITE OVU PRILIKU Steper koji masira! PomoÄu prijatne masaže stopala koju vam omoguÄava ova fitnes sprava, poboljÅ¡aÄete svoje fiziÄko zdravlje i oslobodiÄete se stresa. Poseban deo za masažu, na pedalama stepera i disku za oblikovanje struka - akupresurom intezivno stimuliÅ¡e specifiÄne taÄke na stopalima. Ovaj naÄin vežbanja omoguÄava pravilno i zdravo vežbanje i rezultira lepÅ¡im izgledom celog tela NOVO! PoruÄite odmah Cena 5990,00 din Steper 3-u-1 - Masaža, tegovi i disk za oblikovanje struka * SpecifiÄan oblik i podloga na pedalama nežno i prijatno stimuliÅ¡e stopala, * Stimulacija akupresurnih taÄaka na stopalima poboljÅ¡ava zdravstveno stanje, * Odgovara svima - bez obzira na uzrast i fiziÄku kondiciju. * Sadrži i tegove za dodatno vežbanje ruku * U sklopu sprave je i disk za oblikovanje struka * PomoÄu pedometra lako kontroliÅ¡ete dužinu i intenzitet treninga PoÄetna | Budi fit | Lepota | Zdravlje Ovu elektronsku poÅ¡tu primate ukoliko ste svojevoljno ostavili svoju e-mail adresu ili uÄestvovai u u posebnim akcijama na www.e-topshop.tv Uslovi ponude iz ovog e-maila važe iskljuÄivo za porudžbine izvrÅ¡ene putem Interneta ili na broj telefona 021 489 26 60. Ukoliko ne želite viÅ¡e da primate naÅ¡e elektronske poruke, molimo Vas kliknite ovde . U obrazac na web stranici upiÅ¡ite svoju taÄnu e-mail adresu i odjavu potvrdite. STUDIO MODERNA d.o.o., Laze NanÄiÄa 50, 21 000 Novi Sad, tel: 021 489 26 60 fax: 021 489 26 08 [IMAGE]If you would no longer like to receive our emails please unsubscribe by clicking here.
Re: SSH question (4.3)
Hi Hannah, On Wed, 10.09.2008 at 13:56:23 +0200, Hannah Schroeter [EMAIL PROTECTED] wrote: (I.e. check whether there's some intervening dir that's not accessible to user admin/group admin, but to group wheel). that was the problem, thanks! Kind regards, --Toni++
Patching a SSH 'Weakness'
Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. The paper: http://portal.acm.org/citation.cfm? id=1267612.1267637coll=Portaldl=GUIDECFID=1943417C FTOKEN=28290455 I'm seriously considering implementing a fix for this weakness. Is there any interest in incorporating this sort of thing into openBSD? Cheers --Kevin
altq on enc0?
Hi, I've just discovered that this is unsupported. How difficult would it be to add support for this? TIA! Kind regards, --Toni++
Is it possible to add pppoe to a bridge?
Even if a bridge is empty it seems impossible to add pppoe to it. This doesn't change if the first bridge member has an MTU identical to that of the pppoe interface (thank you to Martin Reindl for a patch enabling mtu changes on Sun quad ethernet). For my own, and anyone else's reference, the bridge's own MTU is hardcoded to ETHERMTU (1500). Now, I can go through the source to if_bridge.c and find the definitive answer, but I thought I'd ask here in case anyone had an immediate answer, even if delving into the depths of OpenBSD is new knowledge for me. The bridge and brconfig man pages aren't illuminating in this regard. Alternatively, it would be good to know if I'm doing something foolish, if I find a way to get the source to accept pppoe interfaces - could there be a hidden side effect? PK
Re: Pre-Order 4.4
Hi, On Thu, 04.09.2008 at 09:56:32 +0200, Christophe Rioux [EMAIL PROTECTED] wrote: installation, but I don't find the sys.tar.gz (needed to recompile the kernel with the raid features). you could get a CVS checkout. The tree has been tagged, as far as I can see. Kind regards, --Toni++
Re: Patching a SSH 'Weakness'
On Wed, 10 Sep 2008, Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. The paper: http://portal.acm.org/citation.cfm? id=1267612.1267637coll=Portaldl=GUIDECFID=1943417C FTOKEN=28290455 I'm seriously considering implementing a fix for this weakness. Is there any interest in incorporating this sort of thing into openBSD? Be warned: implementing any sort of time-based events in the current SSH mainloop is annoyingly difficult. If you can do it cleanly, then we are interested. -d
Re: Patching a SSH 'Weakness'
On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. The paper: http://portal.acm.org/citation.cfm? id=1267612.1267637coll=Portaldl=GUIDECFID=1943417C FTOKEN=28290455 The paper itself is not accessible. Prima facie, this looked like a technology-in-search-of-a-problem kinda thing to me. For now, it sounds like bull. However, there are atleast 10 references to keystoke timing/characteristics. That this 'weakness' holds water is a judgement call. Of course, one can make any kind of conclusion only after studying the paper/references. Hari
Re: Patching a SSH 'Weakness'
Just wait until you see me type! On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote: On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. The paper: http://portal.acm.org/citation.cfm? id=1267612.1267637coll=Portaldl=GUIDECFID=1943417C FTOKEN=28290455 The paper itself is not accessible. Prima facie, this looked like a technology-in-search-of-a-problem kinda thing to me. For now, it sounds like bull. However, there are atleast 10 references to keystoke timing/characteristics. That this 'weakness' holds water is a judgement call. Of course, one can make any kind of conclusion only after studying the paper/references. Hari
Re: Patching a SSH 'Weakness'
On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote: On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. The paper: http://portal.acm.org/citation.cfm? id=1267612.1267637coll=Portaldl=GUIDECFID=1943417C FTOKEN=28290455 The paper itself is not accessible. Prima facie, this looked like a technology-in-search-of-a-problem kinda thing to me. For now, it sounds like bull. However, there are atleast 10 references to keystoke timing/characteristics. That this 'weakness' holds water is a judgement call. Of course, one can make any kind of conclusion only after studying the paper/references. I remember reading that or a similar paper a while back. The idea has been around for longer. Is it a weakness? Yes, I'd say so. I can't comment on how serious it is, but at first blush not too serious. Making OpenSSH immune would be nice, as a proactive step. The reason why I think it's a weakness is that you can gather statistics on typing and use those to infer things. I.e., you can extract meaningful information from the encrypted session. If you're snooping on ssh and see a short burst of typing followed by another ssh session from the remote machine you can guess they typed 'ssh host.example.com' by the length of typing and the host connected to. Nice crib. Oh, after than connect was there another short burst? Probably the password. How many keystrokes can probably be inferred. Perhaps stats on interkey timing can be used to make some intelligent guesses, such as the 4th char is NOT punctuation because is followed char 3 too closely. Or whatever. Just because this takes real work and isn't in a popular script kiddie tool doesn't mean you should discount it. Traffic analysis of one kind or another has a long history of paying off well. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation [demime 1.01d removed an attachment of type application/pgp-signature]
rtw0 is playing games with me (again)
Hi, I've reinstalled OpenBSD 4.3 from scratch and tried to set up networking with the rtw driver but I couldn't make it work with dhclient.. Is this a known issue ? I've updated /usr/src to a recent current tree but I'm stuck trying to compile the base system... :-) I thought maybe rtw0 will work in 4.4-current, or perhaps the nic is damaged, but apparently it seem to work well with ifconfig, so I'm kinda clueless. Any pointers how to get rtw0 working in OpenBSD 4.3 would be kindly appreciated. Thanks! erob -- Etienne Robillard Software Developer, Green Tea Hackers Club Mobile phone number: 514-962-7703 Website: http://gthc.org/ Email: robillard.etienne (at) gmail.com
Re: Patching a SSH 'Weakness'
On Wednesday 10 September 2008 15:58:03 Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of password itself. This is nearly complete bullshit. For any individual, learning their characteristics could give rise to being able to know a great deal about what they are doing, but hardly for the general case. I know people who type blindingly fast. I'm a mutant hunt 'n pecker, but I can go 50wpm+ when on a good keyboard and awake, and far slower then conditions aren't good. I also have a problem with my right hand which makes for typing problems at times. How about people with severe physical problems? I know a C4 quadrapledgic who types slowly, very slowly. Depending on how he feels, his speed varies by probably a factor of 4 or so. Such a system could learn for an individual if you know things about them. But what about a Chord keyboard? Dvorak?(sp) If you want to worry, think about the sounds a keyboard makes. Get an old IBM buckling spring keyboard (original PC and AT) and listen to the sounds it makes. That is something you could probably decode with decent accuracy. --STeve Andre'
Re: Patching a SSH 'Weakness'
On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' [EMAIL PROTECTED] wrote: How about people with severe physical problems? I know a C4 quadriplegic who types slowly, very slowly. Depending on how he feels, his speed varies by probably a factor of 4 or so. if I was trying to gank a quadriplegic's password I'd probably not use keystroke analysis. and damn, who would steal a quadriplegic's password? that's like punching a dude with glasses, only slightly worse.
Re: rtw0 is playing games with me (again)
Hi, Just my view as a beginner with this system (or BFU :-)).Using -current or following -stable is easy.I was trying following -current ,but found,that using snapshots is soo easy and that following -current is not really good idea for people like me,which are in phase of learning this system. So now I use snapshots on my desktop at home and in Qemu.I have -release only in MS Virtual Server for some databases needed for testing.And this is not so important,so I can wait for next -release with upgrade. Tomas -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Etienne Robillard Sent: Thursday, September 11, 2008 5:15 AM To: misc@openbsd.org Subject: rtw0 is playing games with me (again) Hi, I've reinstalled OpenBSD 4.3 from scratch and tried to set up networking with the rtw driver but I couldn't make it work with dhclient.. Is this a known issue ? I've updated /usr/src to a recent current tree but I'm stuck trying to compile the base system... :-) I thought maybe rtw0 will work in 4.4-current, or perhaps the nic is damaged, but apparently it seem to work well with ifconfig, so I'm kinda clueless. Any pointers how to get rtw0 working in OpenBSD 4.3 would be kindly appreciated. Thanks! erob -- Etienne Robillard Software Developer, Green Tea Hackers Club Mobile phone number: 514-962-7703 Website: http://gthc.org/ Email: robillard.etienne (at) gmail.com
Re: Patching a SSH 'Weakness'
Hell you say. I wear glasses and have been punched. Hard. In the face. Good to know I'll be immune from you. On 9/10/08, Aaron Glenn [EMAIL PROTECTED] wrote: On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' [EMAIL PROTECTED] wrote: How about people with severe physical problems? I know a C4 quadriplegic who types slowly, very slowly. Depending on how he feels, his speed varies by probably a factor of 4 or so. if I was trying to gank a quadriplegic's password I'd probably not use keystroke analysis. and damn, who would steal a quadriplegic's password? that's like punching a dude with glasses, only slightly worse.