Post AwhyTO72fb3CzBC2Jk by msw@mstdn.social
 (DIR) Post #AwhyTLyobDHWN5KRDU by adamshostack@infosec.exchange
       2025-07-30T23:04:43Z
       
       0 likes, 0 repeats
       
       Are there sshd state machines? I'm looking for one that covers "root," "running as user" and "spawning shell"*? I've found https://www.researchgate.net/figure/Abstract-description-of-SSH2-with-Diffie-Hellman-key-exchange_fig2_241880255 and Figure 5 of https://www.cs.ru.nl/bachelors-theses/2017/Toon_Lenaerts___4321219___Improving-protocol-state-fuzzing-of-SSH.pdf (*This assumes my recollection that sshd replaced /bin/login is accurate)
       
 (DIR) Post #AwhyTNAu9kXw4rzbhQ by msw@mstdn.social
       2025-07-31T22:18:25Z
       
       0 likes, 0 repeats
       
       @adamshostack There's this CryptoVerif model of the transport protocol, but it sounds like you want a model of the daemon process? https://bblanche.gitlabpages.inria.fr/publications/CadeBlanchetJoWUA13.pdf
       
 (DIR) Post #AwhyTO72fb3CzBC2Jk by msw@mstdn.social
       2025-07-31T22:20:07Z
       
       0 likes, 0 repeats
       
       @adamshostack Maybe something more like this historic relic from the pre-privsep days? http://niels.xtdnet.nl/ssh/privsep.html
       
 (DIR) Post #AwhyTP5J3XFy05OAFc by adamshostack@infosec.exchange
       2025-07-31T22:27:16Z
       
       0 likes, 0 repeats
       
       @msw Yeah, that! cc @mwl
       
 (DIR) Post #AwhyTQIoWnehmGiSwa by adamshostack@infosec.exchange
       2025-07-31T22:29:16Z
       
       0 likes, 0 repeats
       
       @msw @mwl Also cc @bsdphk @jawnsy @ricci
       
 (DIR) Post #AwhyTRC7DBtKXmad8q by msw@mstdn.social
       2025-07-31T22:34:48Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci A reminder yet again to be thankful for all the pioneering work of Solar Designer... one of the first examples of privsep. https://www.openwall.com/popa3d/DESIGN.shtml
       
 (DIR) Post #AwhyTS2a47rJAV8Wv2 by adamshostack@infosec.exchange
       2025-07-31T22:47:36Z
       
       0 likes, 0 repeats
       
       @msw These are really useful, thank you! Do you know of more modern examples? (cc @mwl @bsdphk @jawnsy @ricci)
       
 (DIR) Post #AwhyTT6A8IJmRtou8m by msw@mstdn.social
       2025-07-31T23:00:19Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci For SSH in particular? Or for other UNIX-y daemons and how they progress through privilege transitions?
       
 (DIR) Post #AwhyTToTTXlOfKYID2 by adamshostack@infosec.exchange
       2025-07-31T23:02:45Z
       
       0 likes, 0 repeats
       
       @msw @mwl @bsdphk @jawnsy @ricci Any system whose security matters where the system is depicted with a state machine.
       
 (DIR) Post #AwhyTUZceFTf1YbwhM by msw@mstdn.social
       2025-07-31T23:03:57Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci cool, then definitely look at s2n (in a spur of the thread) as a modern case study, IMHO.
       
 (DIR) Post #AwhyTVAURAy4rtrOAC by msw@mstdn.social
       2025-07-31T23:25:11Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci A depiction is nice to have. Formal proof that code implements a specification is better... (context is a sister project to s2n--the libcrypto parts) https://sos-vo.org/system/files/2024-05/Formal%20Verification%20of%20AWS-LibCrypto_1.pdf
       
 (DIR) Post #AwhyTVhSSbL6W9HiYC by ricci@discuss.systems
       2025-07-31T23:54:35Z
       
       0 likes, 0 repeats
       
       @msw @adamshostack @mwl @bsdphk @jawnsy FWIW I don't think I have anything to contribute here. Yes, we have studied ssh attacks, but they have pretty much just been at the level of what shows up in the logfiles, which, at least by default, is pretty much just connect / auth / disconnect messages
       
 (DIR) Post #AwhyTaPYwYzn85wzqq by msw@mstdn.social
       2025-07-31T23:02:18Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci When it comes to using simple state machines to build robust implementations of protocols, the TLS state machines in the s2n library come to mind. https://github.com/aws/s2n-tls/blob/main/docs/STATE-MACHINE.md
       
 (DIR) Post #AwhyTiJTZ4sddXAFTU by msw@mstdn.social
       2025-07-31T23:03:13Z
       
       0 likes, 0 repeats
       
       @adamshostack @mwl @bsdphk @jawnsy @ricci this guide goes into the design philosophy https://github.com/aws/s2n-tls/blob/main/docs/DEVELOPMENT-GUIDE.md#control-flow-and-the-state-machine