OpenSSH connections could be cracked by this all-new cyberattack

Terrapin is able to break SSH channel integrity, researchers claim

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers from the Ruhr University Bochum, Germany, have discovered a way to crack OpenSSH connections and effectively break SSH channel integrity.

In anacademic paperpublished earlier this week, researchers Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk, explained that since new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel.

The vulnerability, which they dubbed Terrapin, lets attackers manipulate messages that are exchanged through the communication channel. As a result, public key algorithms that are used to authenticate users are downgraded, and the protections against keystroke timing attacks are effectively disabled.

Meeting the conditions

“The Terrapin attack exploits weaknesses in the SSH transport layer protocol in combination with newer cryptographic algorithms and encryption modes introduced by OpenSSH over 10 years ago,” the researchers explained.

What’s more, they found an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim’s login into a shell controlled by the attacker. The flaws are now tracked as CVE-2023-48795, CVE-2023-46445, and CVE-2023-46446,BleepingComputerreported.

As is usual with academic research of vulnerabilities, certain conditions need to be met before the vulnerability can be pulled off: the attackers need to be in the adversary-in-the-middle (MiTM) position at the network layer, in order to grab the handshake exchange. Furthermore, the connection must be secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC.

But the researchers also claim that in the real world, these conditions are being met more often than not. Apparently, 77% of SSH servers support an exploitable encryption mode, with 57% even listing one as their preferred choice.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Vendors are now working on fixing the issue, it was later said. Among the possible solutions is a stricter key exchange which renders package injection during the handshake impossible. It will take some time before the problem is fully addressed, the researchers concluded, noting that the strict key exchange mitigation is only effected if it’s implemented on both the client and the server side.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time