Example of tunneling an X11 application over SSH: the user ‘josh’ has SSHed from the local machine ‘foofighter’ to the remote machine ‘tengwar’ to run xeyes.

Vulnerabilities in 2.x

In November 2008, a theoretical vulnerability was discovered for all versions of SSH which allowed recovery of up to 32 bits of plaintext from a block of ciphertext that was encrypted using what was then the standard default encryption mode, CBC.[32] The most straightforward solution is to use CTR mode instead of CBC mode, since this renders SSH resistant to the attack.[32]

Unknown vulnerabilities

On December 28, 2014 Der Spiegel published classified information[33] leaked by whistleblower Edward Snowden which suggests that the National Security Agency may be able to decrypt some SSH traffic. The technical details associated with this attack were not released as a part of the publication.

https://en.wikipedia.org/wiki/Secure_Shell

https://snowdenarchive.cjfe.org/greenstone/collect/snowden1/index/assoc/HASH295e.dir/doc.pdf

snowden_HASH295e.dir.doc

http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin