question about pubkey and passphrase

Jochen Bern Jochen.Bern at
Tue Feb 11 05:03:11 AEDT 2020

On 02/10/2020 03:10 PM, Harald Dunkel wrote:
> Since Docker can bind-mount every .ssh directory I am looking for
> some way to forbid unprotected private keys.

... why aren't you worried about Docker on the *servers* stealing the
(necessarily passphrase-less) *host* privkeys if it can really grab
whatever it likes? Or *TONS* of data it shouldn't have access to, if the
server runs anything perpendicular to that one Docker container's
purpose ...

> AFAICS it is currently not possible on the sshd to verify that
> the peer's private key was protected by a passphrase. Can you
> confirm?

In the general case, the client connecting may have the privkey in the
standard location, elsewhere (-i option), pre-loaded into ssh-agent,
stored in a file with a *different* format (e.g., PuTTY instead of
OpenSSH), etcetera.

In particular in the case of ssh-agent, the software doing the
authentication (ssh-agent, ssh, and sshd) has no information about the
*file* the privkey originally came from (as that was handled by
ssh-add), much less whether that one was protected at that time, or
still is now.

*If* you have enough control over the clients to run a file scan on
*them* and have the result reported back to you every now and then, you
could try to permanently invalidate "offending" privkeys by distributing
a collection of the corresponding pubkeys to your servers and pointing
sshd at it with the RevokedKeys config.

(Note, however, that offhand, I cannot find a command that allows you to
derive a pubkey from a privkey, or confirm that a given pubkey
corresponds to some (even nonencrypted) privkey. Think "evil user makes
a dozen copies of some newly created, unencrypted privkey, adds the
sysadmins' pubkeys in files with corresponding filenames, and waits for
your next scan".)

Kind regards,
Jochen Bern

Binect GmbH

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4278 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the openssh-unix-dev mailing list