HostKeyAgent from hardware

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri May 29 08:23:50 AEST 2015


On Thu 2015-05-28 16:49:45 -0400, Mike Tancsa wrote:
> I have been exploring generating a host's RSA key from a PKCS#15 token. 
>   I got it to work with an old SafeNet/Aladdin eToken (non java version) 
> using OpenCT and OpenSC on FreeBSD.  (The steps I used at 
> http://www.tancsa.com/mdtblog/?p=73).

My guess is that these devices would be too slow for use on the public
internet -- i've seen many of them take > 1 second for a 2048-bit RSA
secret key operation.  Since the server has to sign part of the
handshake relatively early (before the client is authenticated), an
attacker could tie up the token just by starting a handshake and forcing
the signature, i think.  

This would make your server trivially easy to DoS at a very low
bandwidth, no?  I haven't tried the attack myself.

> Apart from this increasingly hard to get bit of hardware, what other 
> hardware devices are people using to access ssh host keys in where 
> necessary with OpenSSH in the *BSD or Linux world ? Hopefully devices 
> that have quantities of < 50 available, and I dont have to be a country 
> to buy them ? Or do people just look for servers that have TPMs 
> integrated into them ?

I'd be curious to hear other answers to this too.

    --dkg


More information about the openssh-unix-dev mailing list