Re: SSH Passphrase
From: David M. Fetter (firstname.lastname@example.org)
Date: Wed, 05 Mar 2003 17:43:50 -0800 From: "David M. Fetter" <email@example.com> To: Stefan Lesicnik <firstname.lastname@example.org>
The private/public key encryption works like this. You generate a set
of keys one private and one public. The public one then can be placed
into the .ssh/authorized_keys file on remote servers. The
authentication is based on the public key matching up with your private
key, which only you should have. The private key should not exist any
where else or ever be shared. Then if the authentication passes, the
session connection is allowed and all of the traffic is encryption.
The default ssh configuration may not necessarily be 100% secure if
you're using keys with no passphrase. However, it is possible to make
the configuration more secure in a variety of ways. This includes
things like using tcp wrappers to restrict which specific hosts or
networks are allowed to connect, specifying strict host key checking,
specifying users who are allowed to connect, potentially disabling
password authentication, etc. So, if security is of concern by those
you are connecting to then they can take these extra precautions.
The way you describe using ssh key authentication is quite common
though. The only negative aspect is that if somebody should get access
to your account and know what server(s) the you connect to using the
keys then they have free roam because there is no passphrase. If you
are really concerned with this there are other ways you can script the
non-interaction using the ssh key authentication. There is a way
outlined in O-reilley's blue Secure Shell book how you can use ssh-agent
in a non-interactive way. You could use expect as another option. If
your script is in perl then you can use the expect.pm and I believe
there is another module that will allow you to even encrypt the
passphrase/password on the local system so that it's not shown in plain
text should someone simply read the script itself. So, there are a
variety of ways to do this in a more secure manner should you choose to
go that route.
Stefan Lesicnik wrote:
> Im fairly new to private and public key encryption, so dont quite
> understand all the concepts.
> I have the need to scp a file to a remote server without specifying the
> password as it is done from a non-interactive script.
> I have accomplished this by generating a dsa key without a passphrase.
> Although this works I am worried about the security concerns of doing
> this? (Without a passphrase, how does it authenticate? Based on the
> machines dsa key which was made from machine specific entropy?)
> I know of programs such as ssh-agent, but these require you to enter a
> passphrase at the beginning of the session which it then remembers, this
> isnt possible as it is non-interactive in my case. Does anyone have any
> ideas or comments?
> Stefan Lesicnik
-- David M. Fetter - http://www.fetterconsulting.com/ "The world is full of power and energy and a person can go far by just skimming off a tiny bit of it." Neal Stephenson - Snow Crash