The Risks of Using SSH

Executive Summary This paper deals with security issues surrounding the use of Secure Shell (SSH). SSH is a replacement for telnet, rlogin, ftp, rsh, rcp, rdist, and other r*-based programs. It offers a secure communication channel between computers on an insecure network. Authenticity, confidentiality, and integrity are provided. Despite these features, SSH has several weaknesses that render it insecure under certain conditions. This paper examines these circumstances and weaknesses, proposes solutions, and suggests conditions which lead to effective use of SSH. The existence of insecure access methods bypasses the security offered by SSH. Public host keys might not undergo authentication, leading to a risk in man-in-the-middle attacks. The potential dependency on NFS (Sun Microsystems' Network File System) leads to the lack of confidentiality, integrity, and authenticity in the access control files. The tunnelling capability of SSH poses a risk to firewalls. In general, SSH will not provide security under any of the following situations: (1) dumb-terminals or X-terminals are used; (2) NFS is used; (3) public host keys cannot be certified as authentic. Users should not use SSH and should not revert to insecure remote access methods under the following conditions: (1) the public key of the remote host cannot be proven authentic; (2) the local or remote host uses NFS; (3) there exists an insecure segment along the communication path; (4) the local or remote host is not trusted.