All Versions of SSH Are Likely Vulnerable to This Attack

Actually, it is possible that some versions are okay – we just don’t know which ones they might be, so you should assume any version of SSH you are using, including those embedded in some tool you use, may not be secure.

While SSH is still more secure than say, telnet, that should not give you a huge amount of comfort.

The attack is called Terrapin and if you want all the gory details, Dan Goodin provides them in the Ars Technica article at the link.

Bottom line, if the version of SSH that you are using supports chacha20-poly1305 or CBC with encrypt then mac, your software is vulnerable.

It does require a man-in-the-middle (now called adversary-in-the-middle) attack, but given most admins use SSH remotely, that may not be hard to achieve.

77 percent of the SSH servers exposed to the Internet support one of these two encryption standards and 57 percent say that at least one of these is a preferred option.

The attack targets Binary Packet Protocol, which is designed, specifically, to stop this type of attack.

The short version of the attack is that the attackers corrupt the handshake between the two ends at the beginning of the handshake to corrupt the process and take over.

The paper identifies three dozen SSH products that are affected, but the list is not complete.

Some vendors may have released patches, but consider SSH tools embedded in other management tools as potentially vulnerable also.

Credit: Ars Technica