Secure Shells in Shambles
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk, "Secure Shells in Shambles," delves into the complex and often fragmented ecosystem of **Secure Shell (SSH)**, a protocol critical for internet administration. Presented by HD and Rob, the session highlights the evolution of SSH, its ubiquitous presence, and a range of vulnerabilities—both historical and newly discovered—that challenge its perceived security. The speakers emphasize that while OpenSSH and Dropbear dominate the landscape, a significant "long tail" of custom and embedded SSH implementations, particularly in networking, storage, OT/ICS, and development tools, presents a fertile ground for novel attacks.