[mosh-devel] [mosh-users] Logging from mosh-server
Jim Cheetham
jim.cheetham at otago.ac.nz
Wed Jan 8 00:04:44 EST 2014
Thanks Keith. This isn't a crypto conference, and many of the questions I'm asking here are not going to be directly presented; instead they'll be summarised :-) So some of my questions are intended to solicit a sensible response, rather than to support any particular position ...
-jim
Keith Winstein <keithw at mit.edu> wrote:
On Wed, Jan 1, 2014 at 11:06 PM, Jim Cheetham <jim.cheetham at otago.ac.nz> wrote:
> Currently I'm on at 13:20 WST (Perth, Australia) on Thursday 9 Jan. I don't
> know your timezone, but that'll be between 9pm and midnight on *Wednesday*
> for the US
> (http://www.timeanddate.com/worldclock/fixedtime.html?msg=lca2014mosh&iso=20140109T13&p1=196).
> If you could start up a new IRC channel for this, I'll pop it up onscreen
> during the Q&A.
Ok, Jim, let's do it in #moshqa on irc.freenode.org. I'll be there.
If I understand your concern correctly, you are concerned that the
mosh-server will decode IP datagrams with any source address. By
contrast, SSH relies on TCP, which only looks at incoming IP datagrams
with a particular source address.
I think where we disagree is that we do not think TCP's filtering by
IP source address has a material effect on security. You
cannot trust that the IP source address is accurate. In general, one
should assume that a bad guy who exfiltrates the SSH session key OR
the Mosh session key can take control of the user's account on the
server. Both session keys (SSH and Mosh) hold the "keys to the
kingdom" in this respect. Of course if a site takes extra steps to make
the IP source address trustworthy (e.g. by requiring packets to come
from an authenticated VPN), both protocols benefit to some degree.
In general, compared with SSH, we think the security of a long-running
Mosh session is probably better because (a) Mosh's AEAD cryptography is
thought to be safer, (b) Mosh authenticates the framing of each
datagram, so is not vulnerable to fake RST and similar DOS attacks, (c)
Mosh's design is simpler and more conservative (e.g., Mosh has no code
running as root), and (d) so far Mosh's empirical security track record is
better. Time will tell on all these things, and of course it's
appropriate that the security community take its time getting
comfortable with Mosh -- we welcome the scrutiny and are happy to
participate.
Looking forward to your presentation and answering questions if I can help.
Best regards,
Keith
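
The argument in Keith's reply above, that trust comes from the session key and not from the IP source address, modelled as an added example that is not part of the original thread and is not Mosh's code. It assumes a simplified datagram layout (8-byte sequence number, payload, tag) and swaps in a truncated HMAC-SHA256 tag for Mosh's AEAD cipher, so it shows authentication only, not encryption; the `seal` and `Receiver` names, the key and the addresses are all constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag; a stand-in for an AEAD tag (assumption)

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a datagram: 8-byte sequence number, payload, authentication tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class Receiver:
    """Hypothetical server side: the source address plays no part in trust."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1
        self.peer = None  # source of the most recent authentic datagram

    def receive(self, datagram: bytes, src: tuple):
        if len(datagram) < 8 + TAG_LEN:
            return None  # too short to carry a header and a tag
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # forged or corrupted: dropped, session state untouched
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return None  # replayed or stale datagram
        self.last_seq, self.peer = seq, src  # authentic: follow the client's address
        return body[8:]

def demo():
    key = os.urandom(32)  # constructed session key
    rx = Receiver(key)
    # Constructed addresses from the documentation ranges.
    home, cafe = ("198.51.100.7", 60001), ("203.0.113.9", 41000)
    results = [rx.receive(seal(key, 0, b"ls"), home)]        # authentic
    forged = seal(os.urandom(32), 1, b"reset")               # wrong key
    results.append(rx.receive(forged, home))                 # "right" IP, still dropped
    results.append(rx.receive(seal(key, 1, b"pwd"), cafe))   # new IP, right key
    results.append(rx.receive(seal(key, 1, b"pwd"), cafe))   # replay of the same datagram
    return results, rx.peer

if __name__ == "__main__":
    print(demo())
```
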