Re: SSH Passphrase

From: Doug Kelly (dougk-bugtraq@dougk-ff7.net)
Date: 03/06/03

  • Next message: Luigi Grandini: "Re: Firewall log analyzer for CIsco PIX?" 
    Date: 6 Mar 2003 04:58:34 -0000
From: Doug Kelly <dougk-bugtraq@dougk-ff7.net>
To: security-basics@securityfocus.com
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <1046898407.2124.24.camel@odie.lsd.za.com>

    >Subject: SSH Passphrase
    >From: Stefan Lesicnik <lists@lsd.za.com>

    >I have the need to scp a file to a remote server without specifying the
    >password as it is done from a non-interactive script.

    >I have accomplished this by generating a dsa key without a passphrase.
    >Although this works I am worried about the security concerns of doing
    >this? (Without a passphrase, how does it authenticate? Based on the
    >machines dsa key which was made from machine specific entropy?)

    >I know of programs such as ssh-agent, but these require you to enter a
    >passphrase at the beginning of the session which it then remembers, this
    >isnt possible as it is non-interactive in my case. Does anyone have any
    >ideas or comments?
    >
    >TIA
    >Stefan Lesicnik

    This is probably the worst explanation you'll ever hear about
    public/private key exchange. Basically, it's not good practice to keep a
    private key without a passphrase. Why? Because anyone with that key can
    now sign into your server -- no questions asked. It's like a credit card
    or bank card -- you want the PIN on it. I can't really explain
    public/private key exchange that well, it's slightly involved, but I can
    tell you it makes use of very large floating point computations and
    modular arithmetic. I know "The Code Book" by Simon Singh (I think that's
    right) has some more information on this.

    The way I would conquer your problem would be by creating a new account
    (one that has very few permissions). You should be able to use the public
    key with that, although I'd still protect your private key (again, keys to
    car, bank account, etc.). Then, even if your private key is compromised,
    the intruder would have very limited access -- only to that one directory
    you gave the user access to write. Assuming you're making backups, even
    if something critical was deleted, it could be restored. That's my best
    recommendation. But please, protect the private key!!!

    --Doug Kelly
    dougk-bugtraq@dougk-ff7.net

  • Next message: Luigi Grandini: "Re: Firewall log analyzer for CIsco PIX?"

    Relevant Pages

    • Re: Feature request
      ... >>case why can that not be send across on request in the handshake phase? ... > change his private key in any way, he could no longer be authenticated ... the passphrase is ... but the passphrase belongs to the private keyfile. ...
      (comp.security.ssh)
    • Re: SSH publickey auth
      ... > The goal of using Identity/Pubkey authentication is to remove the need ... > can prove you have the public and private key then you are granted ... You see here the mention of the "passphrase"? ... > authentication credentials 'follow' you. ...
      (Fedora)
    • Re[2]: Crypto Question
      ... N> If I'm not mistaken, though, the passphrase on the PGP private key is ... N> simply a bit of symmetric-key encryption to help protect your private ... N> I've never really looked at the internal workings of PGP (but I ...
      (Security-Basics)
    • Re: usefulness of changing ssh ports
      ... RY> So, it you DO use a passphrase to protect your keys, then the ... RY> chance of a successful attack are about the same as guessing your ... I'd say that overall, publickey is stronger, but there are other ... your private key file, ...
      (comp.security.ssh)
    • Re: Crypto Question
      ... > the passphrase used for the private key? ... > 'password' then does it become irrelevant what key size I use to encrypt ... is only supposed to protect the private key. ... PGP / XML GATEWAY APPLIANCE ...
      (Security-Basics)