[tor-relays] Tor exit nodes attacking SSH?
Steven Chamberlain
steven at pyro.eu.org
Wed Aug 9 00:48:08 UTC 2017
Hi,
I often run my SSH sessions via Tor using tsocks. But today I see:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
e7:0e:73:a5:88:23:67:9c:01:87:3c:61:96:f6:e8:0a.
Further investigation shows that this happens for any destination IP
address, even where there's no SSH service running:
$ tsocks ssh -vC root at 8.8.8.8
OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t 3 May 2016
debug1: Reading configuration data /home/steven/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 8.8.8.8 [8.8.8.8] port 22.
debug1: Connection established.
debug1: identity file /home/steven/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_rsa-cert type -1
debug1: identity file /home/steven/.ssh/id_dsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/steven/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
debug1: Remote protocol version 2.0, remote software version
dropbear_2015.67
debug1: no match: dropbear_2015.67
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha2-256 zlib at openssh.com
debug1: kex: client->server aes128-ctr hmac-sha2-256 zlib at openssh.com
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA
e7:0e:73:a5:88:23:67:9c:01:87:3c:61:96:f6:e8:0a
The authenticity of host '8.8.8.8 (8.8.8.8)' can't be established.
RSA key fingerprint is e7:0e:73:a5:88:23:67:9c:01:87:3c:61:96:f6:e8:0a.
Are you sure you want to continue connecting (yes/no)? :
I could be wrong, but I think this "dropbear" service is most likely
something malicious, running on one or more Tor exit nodes, attempting
to collect passwords of people logging in this way.
If a user ignored the error (or trusts the fingerprint without
verifying), their password, and further activity on the shell could all
be captured by the attacker.
Since Tor makes my client connections anonymous, and the dropbear is
seen even for hosts that don't provide an SSH service, makes me think
this attack is indiscriminate, not targetted only at me or my servers.
The first time you connect to some machine, be careful to verify the
fingerprint through independent means. Pay attention to notices like
this of changed key fingerprints. And if you haven't already, disable
PasswordAuthentication to something that cannot be intercepted (like
authorization of private RSA/ECDSA keys).
Regards,
--
Steven Chamberlain
steven at pyro.eu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170809/bfa8471b/attachment.sig>
More information about the tor-relays
mailing list