OpenSSH key signing service?

David Newall openssh at davidnewall.com
Mon Dec 25 16:54:48 AEDT 2017


On 25/12/17 00:11, John Devitofranceschi wrote:
> Besides ssh.com’s PrivX product, has anyone created a web service that can be used to issue temporary certkeys to authenticated users?
>
> Any pointers appreciated!

I expect that what I'm about to say is exactly what you're not 
interested in hearing, but I think it's something that should be said 
nonetheless.

The benefit of a central authority issuing a key so that a user can 
authenticate himself or herself with it is dubious at best.

First, it's backwards.  The principle of user authentication is that 
users should be free to choose their own password with which to secure 
their access, and that these passwords should be secrets known only to 
the individual users.  This is one reason why passwords are not stored.  
A public/private key pair is an alternative form of password, but, 
still, users should be free to generate their own keys, which they use 
to say, "this is me."  If a central authority generates the keys, then 
they are effectively saying, "this is you."  It's just backwards.

Second, it is more easily compromised.  Here's why: the act of 
generating a public and private key pair is approximately as secure if a 
user generates them or if a central authority generates them, and the 
act of transmitting half of the pair can be approximately as secure 
transmitting one or the other.  But, that's not to say that transmitting 
the key is without risk. Somebody could intercept the transmission and 
take a copy of the key.  If it's a public key then nothing of great 
value has been obtained.  If it's a private key then the veracity of 
authentication is completely compromised.  The public key should be sent 
from user to server; the private key must not be sent from server to user.

Third, it doesn't scale.  If every SSH server generated keys (or had 
them generated on their user's behalf), then every user would need as 
many keys as SSH servers that they used.  That's an n-squared growth of 
keys.  If users generate their own keys, they can use the same private 
key for all servers, if that's what they want.  That's a linear growth 
of keys (grows by number of users, not number of servers.)

Fourth, it's putting faith in a demonstrably untrustworthy party.  I'm 
not saying that PrivX, to use your example, cannot be trusted; I'm 
saying that no central authority can be trusted.  So many have been 
compromised that the only rational assumption is that none can be 
trusted.  Each user has his or her own security standard, and I'm 
willing to accept that a central authority is less likely to be 
compromised than a single user, but compromising a central authority 
breaks the security of all of its users, not just of a single user.

For these reasons I advise do not use a web service to create the keys 
that users can and should create for themselves.  There is nothing that 
I can see such a service offering that is of any real value, and there 
is much damage that can be wreaked by them.

The particular question was about temporary keys.  A key is only useful 
if the public half is registered.  If you want it to be temporary, 
schedule a job to remove it after the requisite time. How?  "man cron".

I apologise if my comments seem needlessly dismal or sermon-like.  I 
imagine the question was based on a notion that users are capable of 
using SSH but not capable of generating their own keys.  I reject that 
notion.  Users learn how to drive motor vehicles, and that's much harder 
than generating SSH keys.  Don't pander to mere laziness.



More information about the openssh-unix-dev mailing list