OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
Comments

<< Re: [c2k8]: Developer Blog: grunk@ - SSH Fingerprint Visualization Support | Up: [c2k8]: Developer Blog: grunk@ - SSH Fingerprint Visualization Support | Flattened | Collapsed | Re: [c2k8]: Developer Blog: grunk@ - SSH Fingerprint Visualization Support >>

Threshold: Help

  Re: [c2k8]: Developer Blog: grunk@ - SSH Fingerprint Visualization Support (mod 7/77)
by Peter (129.132.27.180) on Thu Jun 26 09:30:31 2008 (GMT)
  Am I the only one who does not like it? Numbers are cumbersome, but they are precise.

Pictures can be confuse the viewer. I think it should be possible to write a small program that generates thousands of keys, trying to create one where the fingerprint picture is close to the original picture. Assuming that the user has no picture reference, it seems likely that he will accept the false key as his own. The brain is great in recognizing things even if they are not 100% the same.

This looks like a security facade to me, weakening the security.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

       
Re: [c2k8]: Developer Blog: grunk@ - SSH Fingerprint Visualization Support (mod -11/57)
by Anonymous Coward (75.111.94.145) on Sat May 16 01:33:45 2009 (GMT)
  > Am I the only one who does not like it? Numbers are cumbersome, but they are precise.
>
> Pictures can be confuse the viewer. I think it should be possible to write a small program that generates thousands of keys, trying to create one where the fingerprint picture is close to the original picture. Assuming that the user has no picture reference, it seems likely that he will accept the false key as his own. The brain is great in recognizing things even if they are not 100% the same.
>
> This looks like a security facade to me, weakening the security.

Well, on the other hand it's actually much easier to generate thousands of keys and find one that has a hex fingerprint that starts and ends with the same couple of bytes as the fingerprint on the machine you are attacking, so in that respect it's no more or less secure than the existing method of asking a user to verify the hex key. Either they will identify it exactly, byte by byte, or they will choose an approximation. The fingerprint is a more easily recognized approximation, but obviously its still not a substitute for out of band validation.

IMO they really need to add the capability for ssh to validate keys through a CA.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]