Security of ssh across a LAN, public key versus password

Lucas Gabriel Vuotto lucas at sexy.is
Tue Oct 22 06:09:40 AEDT 2024


On Mon, Oct 21, 2024 at 07:26:21PM +0100, Chris Green wrote:
> It **is** possible to brute force a key passphrase, all the bits you
> need are almost certainly to hand in ~/.ssh.  However I don't think it's
> possible to brute force a password on a remote system, each login will
> take several seconds and you'll get thrown off after very few retries.

Unlike a password, tho, ssh-keygen support "-a rounds" to increase the
number of hashing rounds during key derivation, so you can set an
absurdly high number of rounds and make each key decription attempt take
one minute (or one hour, or one day. Whatever floats your boat.)

Also, with the addition of -sk keys into OpenSSH, you can make so not
all the bits are present in ~/.ssh . The "private key" is actually a key
handle which is useless without the U2F hardware.

> My public-key passphrases are going to be similar length and
> complexity to my passwords, they have to be if I'm going to be able to
> remember them.  They are mostly 11 or more characters long with all
> the 'good things' like special characters, mixed case, etc.  Thus I
> suppose they'll be difficult to guess (or brute force). However
> password login can have the same, complex, password strings so I don't
> see how using public-key helps and (as I said above) it seems slightly
> more breakable.

You could use a password manager for your SSH keys passwords.

> It's also **much** more dificult to keep all those keys etc. well
> organised.  What has brought me to this question is the mixed
> collection of RSA and ed25519 keys all over lots of systems getting
> very difficult to keep under control, and thus error prone (=insecure).
> If I went back to all passwords life would be so much easier!

I really don't get what part is difficult about this.

Storing the files on disk? Use good names.
Managing authorized_keys in remote servers? Use an OpenSSH CA and call
it a day. Bonus point: you can rotate private keys for leaves damn
quickly.



Finally, if somebody would get access to my laptop or desktop, I'd be
way more concerned about my browsers' directory than lateral movement
in my LAN.


More information about the openssh-unix-dev mailing list