OpenSSH Wipe Keys from RAM on Suspend

James Bottomley James.Bottomley at HansenPartnership.com
Wed Sep 23 02:47:30 AEST 2020


On Sat, 2020-09-19 at 23:17 +0000, procmem at riseup.net wrote:
> Hi. There is a new cryptsetup feature that is supposed to protect
> user data while the PC is in standby. It wipes the key from RAM when
> sleep events are triggered. While it protects LUKS, other data and
> keys loaded in RAM at the time are still vulnerable to forensic
> recovery. Can you please consider adding a sleep key cache wipe
> feature to OpenSSH?

It already exists:

ssh-add -D

you just have to plumb it into the suspend hooks.  It's also not
really the big problem: most people have gnome-keyring/kde-wallet
manage these keys.  Nowadays it runs ssh-agent under the covers and
adds the keys from the config files based on the passwords in the
login keyring, so you'd have to lock the login keyring as well on
suspend and unlock it on resume ... probably by hooking the
screensaver password in to it somehow and then have it re-populate
ssh-agent.  That's a lot of highly distro specific plumbing.

James
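An added example of the "plumbing" James refers to, not code from the thread or from the OpenSSH project: a systemd system-sleep hook that runs `ssh-add -D` against every logged-in user's agent before the machine sleeps. The install path, the two agent socket locations under `/run/user/UID`, and the use of `runuser` are assumptions to adjust per distro; the hook does not attempt the resume-side re-population James describes.

```shell
#!/bin/sh
# Assumed install path: /usr/lib/systemd/system-sleep/ssh-agent-wipe (mode 0755).
# systemd-sleep invokes it as: <script> pre|post suspend|hibernate|...
# It runs as root, so each user's agent is reached through that user's socket.

# Act only in the "pre" phase, i.e. just before the keys would sit in RAM
# during suspend; "post" (resume) is left alone.
should_wipe() {
    case "$1" in
        pre) return 0 ;;
        *)   return 1 ;;
    esac
}

# Candidate agent sockets under one user's runtime dir (assumed locations):
#   keyring/ssh       - gnome-keyring's ssh-agent socket
#   ssh-agent.socket  - a common systemd --user ssh-agent unit
agent_sockets() {
    printf '%s/keyring/ssh\n%s/ssh-agent.socket\n' "$1" "$1"
}

# Remove every identity from each reachable agent of one user.
# ssh-add -D empties the agent; the agent process itself keeps running.
wipe_user() {
    user="$1"; uid="$2"
    for sock in $(agent_sockets "/run/user/$uid"); do
        [ -S "$sock" ] || continue
        runuser -u "$user" -- env SSH_AUTH_SOCK="$sock" ssh-add -D 2>/dev/null || true
    done
}

main() {
    should_wipe "$1" || exit 0
    # Every user with a runtime dir has a live session and may own an agent.
    for rundir in /run/user/*; do
        [ -d "$rundir" ] || continue
        uid="${rundir##*/}"
        user="$(id -nu "$uid" 2>/dev/null)" || continue
        wipe_user "$user" "$uid"
    done
}

# Only run when invoked by systemd with its two arguments; sourcing the
# file (for tests) defines the functions without touching any agent.
if [ $# -ge 2 ]; then
    main "$@"
fi
```

Whether gnome-keyring re-adds the keys on resume, and from where, is exactly the distro-specific part James warns about; verify with `ssh-add -l` after waking the machine.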

More information about the openssh-unix-dev mailing list