Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 14 Jun 2019 13:58:33 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Issues cracking an ssh key

On Mon, Jun 10, 2019 at 07:25:14PM +0530, Dhiru Kholia wrote:
> On Fri, May 31, 2019 at 10:17 PM Adam Lininger <arlininger@...il.com> wrote:
> > I've got an encrypted ssh private key. I've managed to use ssh2john to
> > convert it and seem to have a crack (using --format=ssh-opencl).
> > However, the resulting passphrase doesn't decrypt the key. Instead
> > openssl errors out.
> >
> > When I use --format=ssh and a fresh pot file, the same passphrase does
> > NOT appear to crack the key. What's odd is that the ssh format warns
> > about false positives and keeps going while ssh-opencl does not.
> 
> The OpenCL SSH code is missing the "second round" (extra set) of
> verification checks IIRC, which leads to this problem of false
> positives. I am not sure how hard it would be to make the OpenCL SSH
> code as rigorous as the CPU code (I haven't seen JtR code in a while).

Meanwhile, we've just added the FMT_NOT_EXACT flag to ssh-opencl in
bleeding-jumbo, which will make it keep going after finding a guess.

The same effect can also be achieved using the "--keep-guessing" option.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.