Trick user to send private key password to compromised host
Jefferson.Ogata at noaa.gov
Wed May 14 02:56:49 EST 2008
On 2008-05-13 16:33, Dan Yefimov wrote:
> On Tue, 13 May 2008, Roman Fiedler wrote:
>>> What the attacker can gain from discovering private key encryption password?
>>> The private key itself is located on the host the ssh is invoked on, not on the
>>> remote and probably compromised one.
>> This is correct, but
>> a) the attacker could have captured the key before by other means, but
>> it was not yet useful (e.g. from some backup that became accessible,
>> from some network dump when the key was stored via nfs/cifs once)
> The private key is NEVER transmitted via the network by SSH. That is why the
> public key authentication is by default secure.
>> b) the password could have been used also for other resources
> This problem along with backups or NFS/CIFS traffic dumps being available to
> the attacker has nothing to do with OpenSSH at all. Those are political and too
> generic issues. If you care so much about security, keep your backups in a
> secure place and never use NFS-backed homes over insecure networks. As for
> CIFS, AFAIK it can use SSL.
Of course this is an issue for openssh; matters such as network home
directories and backup policies are not under openssh's control, but
openssh's private key handling IS under openssh's control. Do you even
understand the purpose of the private key passphrase? It appears not...
Openssh can and should write something indicating the the private key
was successfully decrypted before continuing authentication, let alone
requesting a shell. Arguably it should similarly print something if the
private key was successfully retrieved from ssh-agent. This feature
could be under control of a directive, of course.
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
More information about the openssh-unix-dev