From: Daniel Colascione
Newsgroups: gmane.emacs.bugs
Subject: bug#18967: Tramp disables important SSH security features
Date: Thu, 06 Nov 2014 16:58:24 +0000
Message-ID: <545BA8B0.8060107@dancol.org>
References: <545AC52C.1090807@dancol.org> <874muczg8b.fsf@lifelogs.com>
In-Reply-To: <874muczg8b.fsf@lifelogs.com>
To: Ted Zlatanov
Cc: 18967@debbugs.gnu.org
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: security
On 11/06/2014 12:05 PM, Ted Zlatanov wrote:
> On Thu, 06 Nov 2014 00:47:40 +0000 Daniel Colascione wrote:
>
> DC> Tramp disables SSH host key checks by setting
> DC> GlobalKnownHostsFile=/dev/null, UserKnownHostsFile=/dev/null, and
> DC> StrictHostKeyChecking=no in its default method configuration. These
> DC> settings allow attackers to intercept connections to remote hosts, sniff
> DC> passwords, and cause other mischief. I don't think we should ship an
> DC> insecure configuration.
>
> I think the alternatives are something like what Ansible does:
> http://www.ansible.com/blog/2014/01/15/ssh-connection-upgrades-coming-in-ansible-1-5
> or a SSH client library as a FFI.
> SSH, when called externally, has many
> failure modes without those options.

So let it fail. Since when is it okay to trade diminished security for improved reliability?
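The three ssh options named in the report, as an added example that is not part of this thread or of Tramp's own code: a small POSIX sh audit that flags the host-key settings the report describes in an ssh argument list and emits a hardened replacement. The sample option string is constructed from the report's wording; the function names and the assumption that options arrive as separate `-o Key=Value` tokens are this example's own.

```shell
#!/bin/sh
# Added example, not Tramp's code: audit an ssh option list for the
# host-key settings that disable verification, and rewrite them.

# Constructed sample mirroring the defaults the bug report describes.
TRAMP_DEFAULT_OPTS="-o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"

# Print one line per insecure setting in the given option list.
audit_ssh_opts() {
    for tok in $1; do
        case "$tok" in
            GlobalKnownHostsFile=/dev/null|UserKnownHostsFile=/dev/null)
                echo "INSECURE: $tok discards the known_hosts database" ;;
            StrictHostKeyChecking=no)
                echo "INSECURE: $tok accepts any host key without asking" ;;
        esac
    done
}

# Print the number of insecure settings found (0 means clean).
count_insecure_opts() {
    n=0
    for tok in $1; do
        case "$tok" in
            GlobalKnownHostsFile=/dev/null|UserKnownHostsFile=/dev/null|StrictHostKeyChecking=no)
                n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# Rewrite the option list: drop the /dev/null known_hosts overrides so
# ssh falls back to its normal files, and turn StrictHostKeyChecking=no
# into "ask", which is OpenSSH's own default behaviour. Every other
# token (for example "-e none") is passed through unchanged.
# Assumes each option is its own token following a separate "-o".
harden_ssh_opts() {
    out=""
    for tok in $1; do
        case "$tok" in
            GlobalKnownHostsFile=/dev/null|UserKnownHostsFile=/dev/null)
                # Remove the "-o" that was appended for this option.
                out="${out% -o}"
                out="${out%-o}"
                continue ;;
            StrictHostKeyChecking=no)
                tok="StrictHostKeyChecking=ask" ;;
        esac
        out="$out${out:+ }$tok"
    done
    printf '%s\n' "$out"
}

# Demo run on the constructed sample.
audit_ssh_opts "$TRAMP_DEFAULT_OPTS"
echo "insecure settings: $(count_insecure_opts "$TRAMP_DEFAULT_OPTS")"
echo "hardened: $(harden_ssh_opts "$TRAMP_DEFAULT_OPTS")"
```

With `ask`, ssh still needs a terminal to prompt on a first connection; a method that runs ssh without one would have to either pre-populate `known_hosts` or use `StrictHostKeyChecking=yes` and fail closed, which is the outcome the reply above argues for.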