Marco Ivaldi wrote:
It needs expect, and target ssh hostkey must be already added. I'd be
very interested in knowing the results of tests performed on other
distros and configurations.
Hi Marco,
nice to meet you :-). I tried to do this test over my 10 Mbps lan and
this is the result:
[EMAIL PROTECTED]:~/dev$ ./sshtime calipso users.txt
[EMAIL PROTECTED] real 9.55
[EMAIL PROTECTED] real 9.33 <- valid user with shell
[EMAIL PROTECTED] real 10.44
[EMAIL PROTECTED] real 9.49
[EMAIL PROTECTED] real 9.68
[EMAIL PROTECTED] real 9.47
[EMAIL PROTECTED] real 9.35
[EMAIL PROTECTED] real 9.59 <- valid user with shell
[EMAIL PROTECTED] real 9.51 <- valid user with shell
Another test:
[EMAIL PROTECTED] real 9.37
[EMAIL PROTECTED] real 9.90 <- valid user with shell
[EMAIL PROTECTED] real 10.66
[EMAIL PROTECTED] real 9.41
[EMAIL PROTECTED] real 9.30
[EMAIL PROTECTED] real 10.30
[EMAIL PROTECTED] real 9.47
[EMAIL PROTECTED] real 10.21 <- valid user with shell
[EMAIL PROTECTED] real 10.98 <- valid user with shell
[EMAIL PROTECTED] real 7.14
[EMAIL PROTECTED] real 7.20
"root", "operator" and "test" are valid users with a valid shell
enabled. I made this test on Slackware 11.0 (fresh installation) with
OpenSSH_4.4p1. I used the default sshd_config (see
http://slackware.osuosl.org/slackware-current/source/n/openssh/ for more
informations about the package). So, I don't received any timing leak in
this session.
I'll try as possible other distributions and configurations. However,
good work Marco :-).
Best Regards,
Gianluca Varisco