CIACTech02-001: Understanding the SSH CRC32 Exploit
In recent months, many servers running ssh have been compromised using the SSH CRC32 Compensation Attack Detector. Compromised machines have either not been upgraded to SSH protocol 2 or have not disabled drop back to SSH protocol 1. Use of this attack allows a remote user to gain root access on a server.
I would like to list all files in a directory tree but with a prepended digest hash code (like CRC32). CRC32 is not a MUST. If suitable another hash code can be used as well. In case of CRC32 the listing should look like
3765AC \usr\bin\spool
23CE99 \usr\bin\spool\list.h
...
11AA04... (3 Replies)
Is cksum the right command to calculate the crc32 checksum value? I tried it for a number of files now and every time the results dont match. So there is nothing wrong with the file. Also, cksum gives me an all numerical value while crc32 is alpha numeric. What am I doing wrong?
Thanks (9 Replies)
Hello!
For long I used cksum to find file duplicates in linux and darwin.
Now I want to make my own program that does all.
However I can't seem to find the correct algorithm.
zip and cksum claim to use the same algorithm, but the computated sums are not the same.
I've already written an... (4 Replies)
SSH-COPY-ID(1) General Commands Manual SSH-COPY-ID(1)NAME
ssh-copy-id - install your public key in a remote machine's authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be
enabled, unless you've done some clever use of multiple identities)
It also changes the permissions of the remote user's home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would oth-
erwise prevent you from logging in, if the remote sshd has StrictModes set in its configuration).
If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your
ssh-agent. Otherwise, if this:
ssh-add -L
provides any output, it uses that in preference to the identity file.
If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fin-
gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
if necessary)
SEE ALSO ssh(1), ssh-agent(1), sshd(8)OpenSSH 14 November 1999 SSH-COPY-ID(1)