diff mbox series

mark OpenSSH password authentication as insecure

Message ID c5b950b6-9c8f-01f7-89b2-bfcde07aa7f4@link38.eu
State Dropped
Headers
Series mark OpenSSH password authentication as insecure |

Commit Message

Peter Müller April 29, 2018, 7:27 p.m. UTC 
  Using password authentication for SSH access is quite risky
since the security depends on the password strength. People
should use public-key authentication instead.

This partly fixes #11538.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
 langs/de/cgi-bin/de.pl | 2 +-
 langs/en/cgi-bin/en.pl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Michael Tremer April 30, 2018, 9 p.m. UTC | #1 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

I disagree.

I do not think that we should generally warn because of this. Passwords are not
unsafe per se. They can be brute-forced, but so can certificates. Good passwords
provide a complexity that is good enough to not break into all sorts of
accounts.

If people use a good password or not is a different thing. That by itself does
not render SSH authentication by password a security risk.

Best,
- -Michael

On Sun, 2018-04-29 at 11:27 +0200, Peter Müller wrote:
> Using password authentication for SSH access is quite risky
> since the security depends on the password strength. People
> should use public-key authentication instead.
> 
> This partly fixes #11538.
> 
> Signed-off-by: Peter Müller <peter.mueller@link38.eu>
> ---
>  langs/de/cgi-bin/de.pl | 2 +-
>  langs/en/cgi-bin/en.pl | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
> index 07bef906b..477c23920 100644
> --- a/langs/de/cgi-bin/de.pl
> +++ b/langs/de/cgi-bin/de.pl
> @@ -2156,7 +2156,7 @@
>  'ssh key size' => 'Länge (bits)',
>  'ssh keys' => 'Authentifizierung auf Basis öffentlicher Schlüssel zulassen',
>  'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen;
> dies wird Ihre Anmeldung verhindern',
> -'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen',
> +'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen
> (Sicherheitsrisiko)',
>  'ssh port' => 'SSH Port auf 22 setzen (Standard ist 222)',
>  'ssh portfw' => 'TCP-Weiterleitung zulassen',
>  'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden',
> diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
> index a343b3bd7..66356cc69 100644
> --- a/langs/en/cgi-bin/en.pl
> +++ b/langs/en/cgi-bin/en.pl
> @@ -2194,7 +2194,7 @@
>  'ssh key size' => 'Size (bits)',
>  'ssh keys' => 'Allow public key based authentication',
>  'ssh no auth' => 'You have not allowed any authentication methods; this will
> stop you logging in',
> -'ssh passwords' => 'Allow password based authentication',
> +'ssh passwords' => 'Allow password based authentication (security risk)',
>  'ssh port' => 'SSH port set to 22 (default is 222)',
>  'ssh portfw' => 'Allow TCP forwarding',
>  'ssh tempstart15' => 'Stop SSH demon in 15 minutes',
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAlrm92UACgkQgHnw/2+Q
CQesug/+JEpw2xLS5MajcpCitpybzaYi5Pz3po9NFAnmx/grdd96GHuVo+JCcJd/
u5RFkiatvxd0plL0+V8Wp6TmTx23FCIpCI+MGhUGsSPnTf5iLV6LPx8vHyoXY1rA
P30bdQNWjhb/isxVkR64RS7RTZYImuleiVj/kJEriE1dj1vzOWVa+Du0lcRheV2a
1eR8kdp2sYVOLqpPcB7yyGazv6NrQYO1chW3Bp10z/0G04VwRP9zom1j3XTdQ0LX
yBpOPPmqCrHUWxMGwxgt0FWzdzv/ndU91f58REtiUCM6CEkN1Mnxi1Q9PKlI4Dz4
mzPjNvdXvio/CTbKUpK3kEfj1f9V1jR/moc9r7SRtta+ZrK7ifoIJ9Xcg3F+1VQq
D/CM0NGO5bGBnoirlh2I3CEEFkrCokJfT2VZkAvULZyAS5HULlXGY/rjooBoi1WQ
BxFCAmyF0V7ro3Y/FMWq5jJzxTtp6JumaxvL8YtqvhcT1ao5/g3WrAgFe5C6qr6r
48PyR5ht6qPLjdtAaNZGox6yjf35ao6Kok8uvleAt1KE7hlVON+uYluv+yrEXgA3
6CM8iRutb0WKBZ8pjDs9+4tmPY1TnOK0EIoKLKDuLdvJw6poH2B43duVCUPO86rH
xQJPPB/YfBmIE88OgyM3D2nXpojn8idEYPV5quJSv71SeR36vo0=
=Iqbn
-----END PGP SIGNATURE-----
Peter Müller May 7, 2018, 6:12 a.m. UTC | #2 
Hello,

> Hello,
> 
> I disagree.
> 
> I do not think that we should generally warn because of this. Passwords are not
> unsafe per se. They can be brute-forced, but so can certificates. Good passwords
> provide a complexity that is good enough to not break into all sorts of
> accounts.From the point of usability, yes. My intention here is to rule out passwords
(did I mention I hate them?) since they never can be as complex as a OpenSSH
pubkey is. But this is usability vs. security again, and it is not a security
risk in general, so I can live with the status quo.

This patch is dropped.

Best regards,
Peter Müller
> 
> If people use a good password or not is a different thing. That by itself does
> not render SSH authentication by password a security risk.
> 
> Best,
> -Michael
> 
> On Sun, 2018-04-29 at 11:27 +0200, Peter Müller wrote:
>> Using password authentication for SSH access is quite risky
>> since the security depends on the password strength. People
>> should use public-key authentication instead.
> 
>> This partly fixes #11538.
> 
>> Signed-off-by: Peter Müller <peter.mueller@link38.eu>
>> ---
>>  langs/de/cgi-bin/de.pl | 2 +-
>>  langs/en/cgi-bin/en.pl | 2 +-
>>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
>> diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
>> index 07bef906b..477c23920 100644
>> --- a/langs/de/cgi-bin/de.pl
>> +++ b/langs/de/cgi-bin/de.pl
>> @@ -2156,7 +2156,7 @@
>>  'ssh key size' => 'Länge (bits)',
>>  'ssh keys' => 'Authentifizierung auf Basis öffentlicher Schlüssel zulassen',
>>  'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen;
>> dies wird Ihre Anmeldung verhindern',
>> -'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen',
>> +'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen
>> (Sicherheitsrisiko)',
>>  'ssh port' => 'SSH Port auf 22 setzen (Standard ist 222)',
>>  'ssh portfw' => 'TCP-Weiterleitung zulassen',
>>  'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden',
>> diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
>> index a343b3bd7..66356cc69 100644
>> --- a/langs/en/cgi-bin/en.pl
>> +++ b/langs/en/cgi-bin/en.pl
>> @@ -2194,7 +2194,7 @@
>>  'ssh key size' => 'Size (bits)',
>>  'ssh keys' => 'Allow public key based authentication',
>>  'ssh no auth' => 'You have not allowed any authentication methods; this will
>> stop you logging in',
>> -'ssh passwords' => 'Allow password based authentication',
>> +'ssh passwords' => 'Allow password based authentication (security risk)',
>>  'ssh port' => 'SSH port set to 22 (default is 222)',
>>  'ssh portfw' => 'Allow TCP forwarding',
>>  'ssh tempstart15' => 'Stop SSH demon in 15 minutes',
>
diff mbox series

Patch

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 07bef906b..477c23920 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -2156,7 +2156,7 @@ 
 'ssh key size' => 'Länge (bits)',
 'ssh keys' => 'Authentifizierung auf Basis öffentlicher Schlüssel zulassen',
 'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern',
-'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen',
+'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen (Sicherheitsrisiko)',
 'ssh port' => 'SSH Port auf 22 setzen (Standard ist 222)',
 'ssh portfw' => 'TCP-Weiterleitung zulassen',
 'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index a343b3bd7..66356cc69 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2194,7 +2194,7 @@ 
 'ssh key size' => 'Size (bits)',
 'ssh keys' => 'Allow public key based authentication',
 'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in',
-'ssh passwords' => 'Allow password based authentication',
+'ssh passwords' => 'Allow password based authentication (security risk)',
 'ssh port' => 'SSH port set to 22 (default is 222)',
 'ssh portfw' => 'Allow TCP forwarding',
 'ssh tempstart15' => 'Stop SSH demon in 15 minutes',