[kwlug-disc] Curious about SSH Key security

John Van Ostrand john at netdirect.ca
Mon Jul 26 12:02:06 EDT 2010 

----- Original Message -----
> --- On Sat, 7/24/10, John Van Ostrand <john at netdirect.ca> wrote:
> > > Security traditionally should depend.
> >
> > Not traditionally, but optimality it should.
> 
> That's what I meant: In my mind "should" was translated to optimally.
> i.e. That's what should be even if it's not what it is.
> 
> > Keep /etc/secure permissions locked down and set up sudo on
> > the remote server to only allow running the backup.sh
> > script. You could even investigate the use of restricted
> > shell for the backup user to further prevent abuse.
> 
> OK, so I am still under the same original impression. there are ways
> to secure it in the workstations but if it's not done then they are
> still a weak link.
> 
> So, people should know that using keys in an on itself is not more
> security. It is only more secure and convenient when they are properly
> secured.
> 
> Is that last statement correct/

I think your statement is generally true but it needs to be put in the proper context. The context of the thread that I presume spawned this thread was about brute force attacks.

The use of keys "exclusively" over passwords for SSH *is* more secure. For that to be true one has to disable password authentication. The next step is securing the private key, which is important to prevent casual snoopers from discovering the key.

So in better terms: "The use of keys exclusively over passwords for SSH and taking proper steps to protecting the private key file is a very secure way of using SSH."

Keys are essentially more complex passwords which guard well against brute force password guessing attacks. The downside of complexity is that they cannot be remembered and so must be stored electronically for practical use. Electronic storage invites the possibility of a hacker discovering the key without your knowledge. So unless the stored version of the key isn't itself protected, it opens the possibility to easy discovery. If the key is protected by a weak password then it may also be susceptible. 

When comparing keys to passwords keep in mind the other flaws in passwords. Not only can they be easily guessable, but some people write them down, don't change them for years and can sometimes be easily convinced to give them up to strangers (phishing, social engineering). Passwords can be made more secure by enforcing policy, to promote complexity and limit reuse, but I've always found these to cause people to write down passwords more often. How many passwords are weakly stored in your Firefox or keychain?

Also keep in mind that if a hacker has control of your workstation then there is little (s)he can't do to overcome just about any conventional security.

-- 
John Van Ostrand 
CTO, co-CEO 
Net Direct Inc. 
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6 
Ph: 866-883-1172 x5102 
Fx: 519-883-8533 

Linux Solutions / IBM Hardware

More information about the kwlug-disc mailing list