Bug 763 - Add Null packet keepalive option
Summary: Add Null packet keepalive option
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 3.7p1
Hardware: All All
: P2 enhancement
Assignee: OpenSSH Bugzilla mailing list
URL: http://marc.theaimsgroup.com/?l=opens...
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-23 16:13 AEDT by Ralf Hauser
Modified: 2004-04-14 12:24 AEST (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ralf Hauser 2003-11-23 16:13:05 AEDT
for those often being disconnected, please add this feature!
Comment 1 Darren Tucker 2003-11-23 16:23:05 AEDT
See also the (relatively) recent discussion on openssh-unix-dev:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104947194014595
Comment 2 Ville Herva 2003-11-24 01:05:11 AEDT
I assume Ralf Hauser invited me to add myself to Cc list of this bug because of
this comment:

http://www.mindrot.org/pipermail/openssh-unix-dev/2003-April/017804.html

So here it is for the record:

  What about the randomness? Isn't there some information exposed currently as
  to at what time and how many times the user for example presses keys? I
  think there was a proposed attack to record the relative timing of packets
  sent by ssh after each key press and to use that information to analyze what
  kind of password the user might have typed. Inserting random traffic to the
  stream might mitigate this information leak? Or has this been handled by
  other means?

What tried to address with the above comment is what is described in 

  http://www.cs.berkeley.edu/~daw/papers/ssh-use01.ps
  http://www.cs.berkeley.edu/~daw/papers/ssh-use01.pdf
  Dawn Xiaodong Song, David Wagner, and Xuqing Tian,
  "Timing Analysis of Keystrokes and Timing Attacks on SSH",
  10th USENIX Security Symposium, 2001.

  http://www.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf

A summary:
  http://linux.oreillynet.com/lpt/a/linux/2001/11/08/ssh_keystroke.html

Comment 3 Martin Johansson 2003-11-24 04:19:16 AEDT
I would be pleased if this feature was added. I'm patching my OpenSSH clients
right now with a patch posted to the dev-list a couple of times.

http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104972406723496&w=2
Comment 4 Damien Miller 2003-12-16 22:43:45 AEDT
This is two issues in one bug: 

1. Client->server keepalive packets
2. Adding fake traffic to frustrate timing analysis

These are very different issues, though one would probably use the solution to
(1) to implement (2). Exactly how to implement (2) is a subject for further
discussion.

In any case, support for (1) is now in CVS (see ServerAliveInterval and
ServerAliveCountMax), so I'll close this bug. I think any traffic analysis
defeat should be thrashed out on openssh-unix-dev@ and filed as a separate bug
Comment 5 Damien Miller 2004-04-14 12:24:20 AEST
Mass change of RESOLVED bugs to CLOSED