Author Topic: SSH Tunneling still relevant?  (Read 5430 times)

0 Members and 2 Guests are viewing this topic.

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
SSH Tunneling still relevant?
« on: October 02, 2013, 09:12:40 pm »
Seems like a silly question I know.

As of late it seems that those who care must re-evaluate our methods of anonymity due to the NSA 'cracking' RSA 1024 bit encryption. So obviously VPNs, SSL/HTTPS, Tor, and many other methods I'm sure, are out the window.... at least if you are trying to hide from the government.

Now up until recently I've been under the impression that rooting a multitude of SSH servers, and using them as SOCKS proxies by chaining them all together and tunneling through them was one of the best ways to be anonymous considering that you would be in complete control of all the nodes so you wouldn't have to worry about logs. However, considering that RSA was cracked, and SSH uses RSA encryption, seems that SSH tunneling is not as uber leet anon as we all thought it was.

But what if I'm using DSA instead? I assume the NSA wouldn't have any problems with that... but what about ECDSA? Has that been compromised? Is there any algo that we can still use safely?

Discuss, friends.
« Last Edit: October 02, 2013, 09:17:43 pm by lucid »
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline Zesh

  • Royal Highness
  • ****
  • Posts: 699
  • Cookies: 42
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #1 on: October 02, 2013, 09:18:28 pm »
You can still use many algorithms as long as the key size is "large" enough.

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #2 on: October 02, 2013, 09:20:00 pm »
Quote
Everyone needs to calm down: The National Security Agency HAS NOT "cracked" common internet encryption.


What the NSA has done, according to leaked documents, is (1) undermine encryption by coercing companies to put backdoors into their software and (2) hack into tech company servers to steal encryption keys.
The misconception has spawned as a result of major news organizations like The Guardian, Propublica, and New York Times conflating the two ideas of "exploiting" and "cracking.


Source: http://www.businessinsider.com/calm-down-the-nsa-hasnt-cracked-basic-internet-encryption-2013-9



My two cents: I don't think the NSA can crack, as in brute force, RSA within a reasonable time-frame just yet. And even if they did, they would have to disclose that information in a scenario where you get "cough" while tapped by the NSA.
« Last Edit: October 02, 2013, 09:23:50 pm by ande »
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #3 on: October 02, 2013, 09:35:27 pm »
See I read that article but I got the feeling that it was sensationalism to hide the fact that the NSA is aggressively invading our privacy.

Well, I suppose it's true, they didn't really crack it they just backdoored it. Either way it seems that RSA 1024 is no where near strong enough anymore, so all I need to do is use, say RSA 4096bit encryption then..
« Last Edit: October 03, 2013, 09:01:57 am by lucid »
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline chapp

  • Peasant
  • *
  • Posts: 87
  • Cookies: 2
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #4 on: October 02, 2013, 09:42:08 pm »
The same rules apply. SSH tunnel chaining is not a matter of keeping the data secret, but the origin of the data. At two points must the data be available as clear text, either of these can be compromised. Just expect everything you write to be visible to everyone and don't reveal too much info, if you are not interested in being associated with it later.


The NSA might/quite likely have successfully weakened certain encryption algorithm allowing them to extract certain information.

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #5 on: October 02, 2013, 09:45:30 pm »
At two points must the data be available as clear text

To that sir all I will say is...

End-to-end encryption
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline chapp

  • Peasant
  • *
  • Posts: 87
  • Cookies: 2
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #6 on: October 02, 2013, 10:25:02 pm »
To that sir all I will say is...

End-to-end encryption


That does not change the premise of data being clear text at two end-points, thus you most at all time rely on the recipient and yourself not to be compromised.

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #7 on: October 02, 2013, 10:35:59 pm »
Apart from that you could also give the data in the tunnel another layer with any ecryption of choice.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #8 on: October 03, 2013, 06:12:26 am »
Apart from that you could also give the data in the tunnel another layer with any ecryption of choice.

You should elaborate more.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #9 on: October 03, 2013, 06:25:55 am »
You should elaborate more.
I should.

Well for example it should be possible to use ncat with SSL  inside your ssh tunnel.
Generate some really havy keys.
Change the port to something weird to make it look like something else is going on.
There are some alternatives to ssh , maybe those can be layered in such a fashion.
Didnt take the time to read about the encryption documentation but there are tool like MOSH, LSH and many more.
You also might want to look at corkscrew , its a tool that lets you ssh through HTTP proxies , nice toys.
Quote
Q: Has your secure datagram protocol been audited by experts?

    No. Mosh is actively used and has been read over by security-minded crypto nerds who think its design is reasonable, but any novel datagram protocol is going to have to prove itself, and SSP is no exception. We use the reference implementations of AES-128 and OCB, and we welcome your eyes on the code. We think the radical simplicity of the design is an advantage, but of course others have thought that and have been wrong. We don't doubt it will (properly!) take time for the security community to get comfortable with mosh.
Dunno if thats a good thing :P
Was looking for key strenght settings but didnt find anything yet.
« Last Edit: October 03, 2013, 06:38:33 am by proxx »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #10 on: October 03, 2013, 07:04:20 am »
I should.

Well for example it should be possible to use ncat with SSL  inside your ssh tunnel.
Generate some really havy keys.
Change the port to something weird to make it look like something else is going on.

Cryptcat anyone?

That's a good idea. I've never thought about doing that though. Oddly enough, I've never actually heard of corkscrew. Sounds like an interesting idea though. I never really considered tunneling SSH through HTTP proxies. I figured just creating a SOCKS tunnel and browse the internet through that as being sufficient.

Shows how dumb I am.


That does not change the premise of data being clear text at two end-points, thus you most at all time rely on the recipient and yourself not to be compromised.

Which is why it's good to own all the SSH servers your tunneling through.
« Last Edit: October 03, 2013, 09:07:12 am by lucid »
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #11 on: October 03, 2013, 08:43:14 pm »
Cryptcat anyone?

That's a good idea. I've never thought about doing that though. Oddly enough, I've never actually heard of corkscrew. Sounds like an interesting idea though. I never really considered tunneling SSH through HTTP proxies. I figured just creating a SOCKS tunnel and browse the internet through that as being sufficient.

Shows how dumb I am.


Most certainly not, I speak to people daily that have far greater knowledge on many subjects.
Compared to some I feel like a complete noob, I probably am.
I can just aim to approach that level some day.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline spark

  • Serf
  • *
  • Posts: 30
  • Cookies: 3
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #12 on: October 08, 2013, 10:00:46 pm »
if we suppose that RSA 1024 is no more reliable as well as ssh tunnels. How would ssh tunneling through http proxies improves encryption ?

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #13 on: October 08, 2013, 10:07:21 pm »
if we suppose that RSA 1024 is no more reliable as well as ssh tunnels. How would ssh tunneling through http proxies improves encryption ?

It does not, I was only referring to another usefull tool.
Even if the encryption is flawed there is still something like obfustication.
« Last Edit: October 08, 2013, 10:07:40 pm by proxx »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline spark

  • Serf
  • *
  • Posts: 30
  • Cookies: 3
    • View Profile
Re: SSH Tunneling still relevant?
« Reply #14 on: October 08, 2013, 10:50:28 pm »
If by obfuscation you mean white-box cryptography, i don't know if this is the appropriate solution since obfuscation is meant to hide the decryption key even from the legitimate user.