Issue 104: Enforce ssh user names to be unique per account
Reported by Shawn Pearce <sop@google.com> on Tue Mar 10 17:44:43 PDT 2009
Source: JIRA GERRIT-104
Affected Version: 2.0.7

Set SSH usernames to be unique per account, and allow users to select their own user name if the guessed default is already taken.

This fixes a possible MITM attack: Attacker knows another public key that joe@gmail.com's SSH client will submit during the SSH authentication (SSH allows you to propose several public keys in a single packet) but that has not been added by joe@gmail.com to his gerrit account. This can be done by monitoring the network (requiring an active MITM attack, since pub keys are sent after), running an SSH server the victim will connect to or any other means. Attacker adds this key to his account. Next time joe@gmail.com SSHs to gerrit he may very well be logged in to the attacker's account.
Sep 24, 2009
#1
code-rev...@gtempaccount.com
Sep 24, 2009
Update by Shawn Pearce <sop@google.com> on Thu Aug 06 17:36:41 PDT 2009
Fixed in version 2.0.18.
Status:
Fixed
Sep 24, 2009
Comment by Shawn Pearce <sop@google.com> on Thu Aug 06 17:36:41 PDT 2009
Fixed by https://review.source.android.com/11060
Sep 24, 2009
Update by Shawn Pearce <sop@google.com> on Sat Aug 15 18:34:57 PDT 2009
Status:
New
Sep 24, 2009
Update by Shawn Pearce <sop@google.com> on Sat Aug 15 18:35:09 PDT 2009
Status:
Fixed
Sep 25, 2009
(No comment was entered for this change.)
Labels:
FixedIn-2.0.18
Oct 25, 2012
(No comment was entered for this change.)
Status:
Released
Blocking: -gerrit:253
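A simplified model of the account confusion described in the report, added here as an example and not Gerrit's code or part of the original thread: it contrasts resolving the account from the matching key alone with resolving it from a unique SSH user name first. The class, method names, account ids and key strings are constructed for illustration, and the key-only lookup is an assumed model of the pre-fix behaviour.

```python
# Simplified model of SSH public-key login; not Gerrit's code.
# Account ids, user names and key strings are constructed sample data.

class Directory:
    def __init__(self):
        self.keys_by_account = {}   # account id -> set of registered public keys
        self.account_by_user = {}   # ssh user name -> account id (unique)

    def add_account(self, account_id, ssh_user):
        # The fix in the issue title: one ssh user name maps to exactly one account.
        if ssh_user in self.account_by_user:
            raise ValueError(f"ssh user name {ssh_user!r} is already taken")
        self.account_by_user[ssh_user] = account_id
        self.keys_by_account[account_id] = set()

    def add_key(self, account_id, public_key):
        # Registering a public key proves nothing about who holds the private key.
        self.keys_by_account[account_id].add(public_key)

    def login_by_key_only(self, ssh_user, offered_keys):
        # Weak lookup (assumed model of the reported behaviour): the first offered
        # key that any account has registered decides the account; ssh_user is ignored.
        for key in offered_keys:
            for account_id, keys in self.keys_by_account.items():
                if key in keys:
                    return account_id
        return None

    def login_by_user_and_key(self, ssh_user, offered_keys):
        # Bound lookup: the user name selects the account first, then only that
        # account's registered keys are acceptable.
        account_id = self.account_by_user.get(ssh_user)
        if account_id is None:
            return None
        registered = self.keys_by_account[account_id]
        return account_id if any(k in registered for k in offered_keys) else None


def demo():
    d = Directory()
    d.add_account("acct-joe", "joe")
    d.add_account("acct-other", "other")
    d.add_key("acct-joe", "KEY-A")     # key joe registered himself
    d.add_key("acct-other", "KEY-B")   # joe's client offers KEY-B too; joe never registered it
    offered = ["KEY-B", "KEY-A"]       # order in which joe's client proposes keys
    return d.login_by_key_only("joe", offered), d.login_by_user_and_key("joe", offered)
```

With the key-only lookup the session lands in `acct-other`; with the user name bound to a single account the unregistered key is ignored and the session lands in `acct-joe`.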