NAME
esm - encrypted session manager
SYNOPSIS
esm [-lrs] [-e command]
DESCRIPTION
esm manages a simple encrypted session protocol. When first invoked
from an interactive shell, it provides a transparent pseudo-terminal
session on the local machine. When invoked from within an existing ESM
session, however, the two ESM processes can automatically encrypt all
traffic passed between them. Typically, the second session is executed
on a remote networked machine reached by using the initial session to
invoke, e.g., the telnet(1) program.
Ordinarily, ESM is run first on the local machine in "local" mode ("esm
-l"). The resulting session is used to establish a connection (over a
possibly insecure network) to a remote machine on which esm is run in
"server" mode ("esm -s"). Encrypted sessions are always initiated by
the remote esm process. Remote mode can be invoked in two ways. esm
-s will attempt to initiate an encrypted session immediately after
starting. esm -r will start the remote session in cleartext mode; a
user escape sequence ("control-^" followed by "s") switches to the
encrypted session mode. "Control-^ ?" provides a list of other
options.
Encrypted sessions use two-key (112 bit) triple DES in 8-bit cipher
feedback mode. A 1024-bit Diffie-Hellman key exchange protocol is used
to establish the session key; the implementation of this protocol is
based on the RSA Laboratories RSAREF 2.0 library. All encrypted
traffic is encoded using a simple ASCII hexadecimal representation;
this reduces encrypted terminal bandwidth by a factor of just over two
compared with cleartext mode.
OPTIONS
-l Local mode. This establishes the initial session and provides a
transparent pseudo-terminal interface until an encrypted session
is initiated on the "master" (shell) side by a remote server.
This is also the default mode if no command line flag is
specified.
-r Remote mode. Provides a transparent pseudo terminal session on
the remote machine, with the ability to initiate an encrypted
session with the "slave" (terminal) side of the connection.
-s Remote mode. Immediately attempts to initiate an encrypted
session with the "slave" (terminal) side of the connection.
This mode is guaranteed to never operate in cleartext mode.
-e command
Executes command on the master side of the session. By default
ESM executes the value of the SHELL environment or, if that is
not set, /bin/sh.
BUGS
ESM is not a replacement for a complete link, network or transport
layer security protocol. In particular, nothing is authenticated and
traffic is only protected once the session has started (which may occur
after sensitive information like login passwords have already been sent
in the clear).
Because nothing is authenticated, the protocol is vulnerable to several
variations of the so-called "man-in-the-middle" active attack. ESM
should be regarded as secure only against passive attacks.
ESM is slow. It takes a long time to generate the high-entropy random
numbers required for the key agreement parameters. The ASCII encoding
of the encrypted traffic noticeably reduces effective bandwidth and
increases response time.
The session keys may not be random on all platforms. The random number
generator relies on variations in clock rate and other hard to predict
factors. Test these assumptions carefully before trusting ESM on a new
machine or operating system.
AUTHOR
Matt Blaze, mab@research.att.com (for ESM and CFS problems, use
cfs@research.att.com).