Re: [Nolug] busted ssh

From: Jimmy Hess <>
Date: Sat, 10 Jan 2015 08:34:10 -0600
Message-ID: <>

On Fri, Jan 9, 2015 at 7:29 AM, Joey Kelly <> wrote:

With SSH, plenty of people still have interoperability with Protocol
Version 1 enabled on their servers or clients. You telnet to a
server on port 22 and see a 'SSH-1.99', then that version string
indicates the server will happily use Protocol Version 1.

Protocol Version 1 is not secure, and it is subject to some trivial
MiTM attacks and other vulnerabilities.

So in many cases, SSH is busted, b/c SSHv1 has not been totally
disabled, before you even consider looking at allowed ciphers or key
negotiation as shown.

That is, since... If a client or server has Version 1 enabled at all,
even if the client tries to negotiate Version 2 first, then the
client and server can still be tricked into Downgrading to Protocol
Version 1.

> ___________________
> Nolug mailing list

Nolug mailing list
Received on 01/10/15

This archive was generated by hypermail 2.2.0 : 04/09/15 CDT