Tens of thousands of home routers at risk with duplicate SSH keys

Discussion in 'other security issues & news' started by ronjor, Feb 19, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,725
    Location:
    Texas
  2. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    It's stupid. Of course using same copied key is stupid, but implement SSH for home router would be even more stupid if it was NOT just an option which is disabled by default.
     
  3. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Because they're probably running some version of OpenWRT or something which uses Dropbear. They do this so you can use putty or the like and setup stuff, in a Linux terminal fashion, in case there's not even a GUI installed on the router or for all the same reasons you'd use a terminal in Linux (because it is Linux).
     
  4. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    So probably they cut all corners.
    Whatever they based on, they should manage and test their product, and for home user command line interface as well as SSH is not needed. If it was not corner-cutting or bad accident, it could be accused as backdoor attempt.
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Nah, for sure they messed up their configuration. I'm just pointing out that having SSH functions are typical for Linux based routers like the WRT types.

    But if these routers are indeed running Linux then it shouldn't be that hard to just flash them with OpenWRT or something to replace the stock. Depends on the models affected.
     
Loading...