Re: SSH as root
From: Greg A. Woods (woods_at_weird.com)
Date: Fri, 4 Jul 2003 20:30:27 -0400 (EDT) To: Michael Coulter <firstname.lastname@example.org>
[ On Thursday, July 3, 2003 at 17:45:17 (-0700), Michael Coulter wrote: ]
> Subject: Re: SSH as root
> Passwords are inferior to keys in at least 3 regards:
> - in the case of a MITM attack a password is compromised, a key is not
SSH doesn't, or at least isn't supposed to, suffer MITM vulnerabilities
and the passwords are (supposed to be) sent securely.
> - in the case of the server being compromised the password is compromised, a key is not
Well that depends on how the server is compromised. If the server is
physically stolen, for example, then the only added risk to using normal
unix passwords is when the same password(s) can be used to compromise
other systems (which is unfortunately possible all too often). After
all there's likely nothing to protect on the stolen server itself any
However on the other hand if the client is compromised then key may be
revealed, as you say below, whereas a password may not, depending on
exactly how the client system has been compromised.
> - keys can be stored with a passphrase making it necessary to steal the file
> itself as well as somehow obtain/bruteforce the passphrase, such as trojan'ing
> the ssh client or keylogging
> Passphrases are a very good idea. However, if the client computer is compromised
> you are in the same boat if you choose passwords, or keys with passphrases.
> The attacker needs to steal and file and capture the passphrase in the case of keys.
> In the case of passwords they can just capture the password itself.
Yes, indeed, if the client system is compromised then all bets are off,
especially if the client system is compromised in such a way that its
users are not immediately aware of the problem and thus are susceptable
to any number of kernel-level MITM, trojan, and data copying attacks
which can result in both theft of identity and just plain spoofing of
commands and data sent to the server.
In such a scenario a key may even be less secure if it has lead the
server adminstrator into a false sense of security and made them think
they can trust the identity of the connecting user from more random
Also if the client system is compromised by theft then a password that
only the authorised user has in his or her memory cannot be stolen along
with the client system and its on-disk/in-memory data.
(of course if the client system has a wireless network connection, and
is stolen while SSH sessions are open, then no passwords or keys are
necessary to make use of those open sessions so long as the thief can
stay within range of the wireless access point! ;-)
-- Greg A. Woods +1 416 218-0098; <email@example.com>; <firstname.lastname@example.org> Planix, Inc. <email@example.com>; VE3TCP; Secrets of the Weird <firstname.lastname@example.org>