Entropy and DSA key

Dave Dykstra dwd at bell-labs.com
Wed Nov 7 05:08:51 EST 2001


On Tue, Nov 06, 2001 at 06:39:35PM +0100, Lutz Jaenicke wrote:
> On Tue, Nov 06, 2001 at 10:39:37AM -0600, Dave Dykstra wrote:
> > On Tue, Nov 06, 2001 at 05:23:36PM +0100, Lutz Jaenicke wrote:
...
> > > Using a seed-save file helps, but somebody could steal it, so that calling
> > > external gatherers at the time the cryptographic routines are started up
> > > is an important issue.
> > 
> > I don't buy that argument.  If somebody has the ability to steal your
> > seed-save file, that means your system has already been compromised so I
> > don't see the point of trying to secure it further, certainly not at such a
> > high cost of time spent on every ssh client startup.  I think the only
> > thing to worry about is an external attacker.
> 
> With home directories on NFS protecting the seed file is difficult and
> accessing the seed file does not necessarily require compromising the
> system. The private keys are protected by a passphrase, so while I still
> would not like people stealing the key files, there exists an additional
> line of defense.


I have never seen an NFS cluster where home directories aren't exported
read-write.  Perhaps in obscure cases they might also be exported read-only
to some more servers, but that's hardly relevant.  If they are exported
read-write, and assuming they are using a traditional non-kerberized NFS,
then anybody who can get physical access to one of the workstations or
anybody who can spoof one in the DNS (which is trivial) can easily get write
access to all users' home directories.  The attacker can do absolutely
anything including modifying the user's .profile, .ssh/authorized_keys or
.rhosts, and from there log on and do anything they want.  In that case,
who cares about somebody having read access to a seed file?  It makes no
difference to overall security.  Right?  There's no point worrying about
people who use non-kerberized NFS, and kerberized NFS doesn't have a
problem.

- Dave Dykstra



More information about the openssh-unix-dev mailing list