Re: SSH as root

From: Greg A. Woods (woods_at_weird.com)
Date: 07/05/03

  • Next message: Tim Greer: "Re: SSH as root"
    Date: Fri, 4 Jul 2003 20:30:27 -0400 (EDT)
    To: Michael Coulter <mjc@bitz.ca>
    
    

    [ On Thursday, July 3, 2003 at 17:45:17 (-0700), Michael Coulter wrote: ]
    > Subject: Re: SSH as root
    >
    > Passwords are inferior to keys in at least 3 regards:
    >
    > - in the case of a MITM attack a password is compromised, a key is not

    SSH doesn't, or at least isn't supposed to, suffer MITM vulnerabilities
    and the passwords are (supposed to be) sent securely.

    > - in the case of the server being compromised the password is compromised, a key is not

    Well that depends on how the server is compromised. If the server is
    physically stolen, for example, then the only added risk to using normal
    unix passwords is when the same password(s) can be used to compromise
    other systems (which is unfortunately possible all too often). After
    all there's likely nothing to protect on the stolen server itself any
    more. :-)

    However on the other hand if the client is compromised then key may be
    revealed, as you say below, whereas a password may not, depending on
    exactly how the client system has been compromised.

    > - keys can be stored with a passphrase making it necessary to steal the file
    > itself as well as somehow obtain/bruteforce the passphrase, such as trojan'ing
    > the ssh client or keylogging
    >
    > Passphrases are a very good idea. However, if the client computer is compromised
    > you are in the same boat if you choose passwords, or keys with passphrases.
    > The attacker needs to steal and file and capture the passphrase in the case of keys.
    > In the case of passwords they can just capture the password itself.

    Yes, indeed, if the client system is compromised then all bets are off,
    especially if the client system is compromised in such a way that its
    users are not immediately aware of the problem and thus are susceptable
    to any number of kernel-level MITM, trojan, and data copying attacks
    which can result in both theft of identity and just plain spoofing of
    commands and data sent to the server.

    In such a scenario a key may even be less secure if it has lead the
    server adminstrator into a false sense of security and made them think
    they can trust the identity of the connecting user from more random
    source locations.

    Also if the client system is compromised by theft then a password that
    only the authorised user has in his or her memory cannot be stolen along
    with the client system and its on-disk/in-memory data.

    (of course if the client system has a wireless network connection, and
    is stolen while SSH sessions are open, then no passwords or keys are
    necessary to make use of those open sessions so long as the thief can
    stay within range of the wireless access point! ;-)

    -- 
    								Greg A. Woods
    +1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
    Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
    

  • Next message: Tim Greer: "Re: SSH as root"

    Relevant Pages

    • Re: SSH as root
      ... Server A to Server B, that if Server A was compromised, they now own Server ... see how passwords are less secure in anyone's mind, ... >> Passwords are inferior to keys in at least 3 regards: ... > unix passwords is when the same passwordcan be used to compromise ...
      (SSH)
    • Re: ssh gives "Permission denied, please try again"
      ... as secure as those Debian generated keys... ... If you always pick passwords whose first four letters are 'A' you're ... The point being that keys are not some panacia and those that think they ... lots of people attack passwords, nobody attacks keys. ...
      (uk.comp.os.linux)
    • Re: ssh gives "Permission denied, please try again"
      ... possibly have enough entropy to be secure. ... If you always pick passwords whose first four letters are 'A' you're ... The point being that keys are not some panacia and those that think they ... I've seen a lot of dictionary attacks, ...
      (uk.comp.os.linux)
    • Re: KDC Hardware
      ... both need _extra ordinary security_ so it's easier to ... has a complete copy of the Kerberos database, including the keys for every ... Recovering from such a compromise requires issuing new ... EVEN IF THE KDC IS SHUT DOWN. ...
      (comp.protocols.kerberos)
    • Re: Any Way to Defeat Cracker Login Attempts? (OS X)
      ... Ssh keys are more secure than passwords. ... By ssh keys I assume you mean PKA keys, unless I am misreading you yet ...
      (comp.sys.mac.system)