OpenSSH 5.1 J-PAKE Bypass

TL;DR

CVE-2010-4478 affects OpenSSH versions before 5.3, allowing an attacker to potentially bypass authentication by exploiting a flaw in the J-PAKE key exchange parameter validation. This guide details how to test for and mitigate this vulnerability.

Understanding the Vulnerability

J-PAKE (Java Password Authenticated Key Exchange) was included in OpenSSH as an alternative authentication method. CVE-2010-4478 arises because OpenSSH 5.1 and earlier versions do not properly validate the parameters exchanged during the J-PAKE negotiation. An attacker can send crafted parameters, leading to a successful authentication even without knowing the correct password.

Testing for Vulnerability

1. Check OpenSSH Version: First, determine your OpenSSH version.

   ssh -V

   If the output shows a version less than 5.3, you are potentially vulnerable.

2. Attempt J-PAKE Authentication (if enabled): This is harder to do directly without knowing if J-PAKE is configured on the server. You’ll need to try connecting with a client that supports it and monitor server logs.

   If you have access to a client capable of initiating J-PAKE, attempt a connection. Look for error messages or unusual behaviour in the server’s authentication logs (typically /var/log/auth.log on Debian/Ubuntu systems, or /var/log/secure on Red Hat/CentOS).

Mitigation Steps

1. Upgrade OpenSSH: The most effective solution is to upgrade OpenSSH to version 5.3 or later.
   • Debian/Ubuntu:

     sudo apt update

     sudo apt upgrade openssh-server

   • Red Hat/CentOS:

     sudo yum update openssh-server

2. Disable J-PAKE Authentication: If upgrading is not immediately possible, disable J-PAKE authentication in the OpenSSH configuration file.
   • Edit /etc/ssh/sshd_config as root.
   • Find the line containing PasswordAuthentication yes and ensure that PubkeyAuthentication yes is also present (this is important).
   • Add or modify the following lines:

     KexAlgorithms !diffie-hellman-group1,diffie-hellman-group14,diffie-hellman-group16,diffie-hellman-group18

     PasswordAuthentication no

   • Restart the SSH service:

     sudo systemctl restart sshd

3. Firewall Rules: While not a direct mitigation, restricting access to your SSH port (port 22 by default) can reduce the attack surface.

Verification

1. Re-check OpenSSH Version: Confirm that the upgrade was successful by running ssh -V again.
2. Test Authentication: Attempt to connect using J-PAKE (if you have a client) after disabling it in the configuration file. You should no longer be able to authenticate successfully.