Contribution per shazow's request for either a PR or wiki page on anonimity issues and default behaviors of ssh cleints.

Privacy-and-Anonymity.md

@@ -0,0 +1,43 @@
+# A Primer on Privacy, Anonymity and Security
+Cyberspace is dangerous. There are powerful entities out there who are willing to exploit you! To protect yourself effectively, you need to understand what the fundamental difference between being private and being anonymous. TLDR:<br/>
+### Being private: <br/>
+Your adversaries do not know what you are doing, but they might know your real identity.<br/>
+### Being anonymous: <br/>
+Your adversaries do not know your real identity, but they might know what you do.<br/>
+
+# The SSH Protocol and Anonymity
+SSH is not designed to preserve user privacy and anonymity by default. Below are some features and behavior that could uniquely identify you while connecting to an ssh-chat server or when you are using ssh in general:<br/>
+
+# Specific Issues when Connecting to an ssh-chat Instance
+By default, some environment variables are sent by your client and read the the ssh-chat server. This can be used to uniquely identify a user connecting to a server even if you use methods to hide your IP address.<br/>
+
+The following environment *nix environment variables are sent to and read by the server: <br/>
+### $TERM: <br/>
+The type of terminal you are using. This is used to check if your client supports ANSI escape characters and color themes. It can be used to identify what operating system you are using and what terminal you are using.<br/>
+### $USER:<br/>
+Your current local username. This is sent and read by the server to set your display name. It might leak your real identity or the alias associated with the username, leading to further disclosure if the alias has been reused. <br/>
+
+# Problematic Features in the OpenSSH Client
+Some features that are likely to be enabled by by default in the OpenSSH client used by linux distributions:<br/>
+### ssh-agent: <br/>
+ssh-agent will try all of your ssh identity keypairs found in $HOME/.ssh/ and any other directory that you configured to store ssh identities. A malicious server can log the identities sent by ssh-agent to uniquely profile a user.<br/>
+### PKCS11Provider: <br/>
+Same issue as ssh-agent, but with PKCS11 Identities.<br/>
+### ForwardAgent: <br/>
+Forwards your local connection to your authentication agent over the ssh tunnel. A malicious server can use this to attack your local machine.<br/>
+### ForwardX11: <br/>
+Redirects X11 connections over the ssh tunnel. THIS IS DANGEROUS as any remote user that can bypass file restrictions can access your local X11 display! A malicious server or any server operating in a hostile environment can attack your local machine!<br/>
+
+# Mitigations
+TODO<br/>
+
+# Page TODO:
+- Investigate and finish mitigations section
+- Investigate other ssh clients<br/>
+  - PuTTy<br/>
+  - MacOS<br/>
+  - Windows ssh client<br/>
+- Investigate openssh client features<br/>
+  - read ssh manpage<br/>
+  - read ssh_config manpage<br/>
+- Word ForwardX11 and ForwardAgent better