OpenSSH 5.1 and ASCII Art Fingerprints
OpenSSH 5.1 is out, and besides a security issue that does not affect Linux or the BSDs, it includes a new feature labelled VisualHostKey, aka SSH Fingerprint ASCII Visualisation. Using an idea proposed in the 1999 paper Hash visualization: A new technique to improve real-world security by Perrig and Song, an image with 18×9 resolution is generated from the fingerprint of the SSH server and displayed to the client.
Since the feature is experimental, and the algorithm that generates the image should not be considered final yet, the display is disabled by default. You can see a test-run in the screen capture, and a (just for fun) list of images of my known hosts. I wonder how long it takes to remember that face… doesn’t it look a bit like Marge Simpson?
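To show what the client actually draws, here is an added example (my own Python port, not code from the post or from OpenSSH) of the "drunken bishop" walk behind VisualHostKey: each pair of bits in the raw fingerprint moves a marker diagonally across a small field, and each cell's symbol reflects how often it was visited. The 17×9 field size and the symbol string follow OpenSSH's key.c as I recall it, so treat them as assumptions; the upstream source is authoritative.

```python
# Added example: the random-art walk drawn by OpenSSH's VisualHostKey.
# Field size and symbol string assumed from OpenSSH's key.c.
from hashlib import md5

WIDTH, HEIGHT = 17, 9
SYMBOLS = " .o+=*BOX@%&#/^SE"   # index == visit count; S = start, E = end


def parse_fingerprint(text: str) -> bytes:
    """Turn a colon-separated hex fingerprint ("aa:bb:...") into raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def randomart(digest: bytes, title: str = "") -> list[str]:
    """Walk the field two bits at a time: bit 0 picks west/east, bit 1
    picks north/south, moves are clamped at the border, and every cell
    counts how often the marker landed on it."""
    field = [[0] * WIDTH for _ in range(HEIGHT)]
    x, y = WIDTH // 2, HEIGHT // 2          # start in the centre
    limit = len(SYMBOLS) - 2                # counts saturate below 'S'
    for byte in digest:
        for _ in range(4):                  # four 2-bit moves per byte
            x += 1 if byte & 1 else -1      # bit 0: east / west
            y += 1 if byte & 2 else -1      # bit 1: south / north
            x = min(max(x, 0), WIDTH - 1)   # clamp at the border
            y = min(max(y, 0), HEIGHT - 1)
            if field[y][x] < limit:
                field[y][x] += 1
            byte >>= 2
    field[HEIGHT // 2][WIDTH // 2] = len(SYMBOLS) - 2   # mark start 'S'
    field[y][x] = len(SYMBOLS) - 1                      # mark end 'E'
    head = ("[" + title + "]") if title else ""
    top = "+" + head.center(WIDTH, "-") + "+"
    rows = ["|" + "".join(SYMBOLS[c] for c in row) + "|" for row in field]
    return [top] + rows + ["+" + "-" * WIDTH + "+"]


if __name__ == "__main__":
    # Constructed sample key material; a real client hashes the host key blob.
    fp = md5(b"constructed host key blob").digest()
    print("\n".join(randomart(fp, "RSA")))
```

Feed it the 16 bytes behind a `ssh-keygen -l` MD5 fingerprint and the picture matches what the client prints, border header aside.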
Now, why all this, you ask?
It is deemed that images are easier to compare and remember than the usual 32 hex digits, and I believe everyone has to judge for him/herself whether that is true. How many of those SSH/OTR/SSL… fingerprint digits do you check*? All of them? Any, at all? Where did your latest Firefox SSL CA certificates come from? At a time when I cannot trust my provider to run a secure DNS server, verifying the authenticity of either the other end of the communication or the data in transit is crucial. Let’s finally get that Tree Signing going!
* If you only check the first 4 digits and the last 2, you are riding on a 24-bit fingerprint.

Do you have an ebuild for it?
Sounds very useful if there are just a couple of servers; it may be very noisy if you have thousands of servers. I’d like to try it.
Lars, there is no ebuild for it yet, but as I know our base-system team, you will not have to wait for long.
When you have more than 2-3 servers you won’t remember the graphic anyway; then it’s just wasting your screen space.
Though the idea is fun and stuff =)
Cool feature, good post
Does it work against “fuzzy fingerprints” (http://freeworld.thc.org/papers/ffp.html)? I mean, do the “images” look different?
Nice, but how easy is it to produce two similar looking (at a glance) images from wildly varying keys, either deliberately or through randomness?
ircd, one of the requirements of the paper the algorithm is based on was that it is unfeasible to produce two similar images. According to the authors the algorithm will fulfill that. However, obviously the fuzzy attacks are possible on the eye, and that widens the target space for brute force attacks.