On Tue, 14 Apr 2020 11:48:29 +0000 Alan Altmark <[email protected]> wrote:
> If the symmetric key is known by a 3rd party, the strength of
> symmetric encryption is irrelevant.
>
> Weaknesses in TLS and ssh are not around the symmetric ciphers. They
> are around the handshakes that establish the symmetric key.
>
> I consider ssh key exchange weaker than TLS because it doesn’t use a
> PKI. The public-private key pairs never expire and are under end user
> control, as are the algorithms for symmetric key exchange. Further,
> there’s no equivalent of “certificate validation.”

It's a little surprising to me that ssh certificates are not widely known. There is a kind of CA available with ssh that circumvents most of the typical weaknesses with distributing public keys or "Trust on First Use". The ssh CA does not have anything in common with SSL, it is a totally different thing, so please don't confuse it.

What you do is create a ssh CA that signs both the public key of sshd on the target system and the public key of the user. This can be done time limited, and also allows for so-called principals. It takes a little more effort to do the setup of a machine, but then it allows a CA to grant access to users without touching the server. It also prevents the user from having to trust on first use, because the machine public key is also signed by the trusted CA.

I just did a short Google search to find a more detailed description. There might be better documentation around, but this looks ok:

https://smallstep.com/blog/use-ssh-certificates/

So yes, doing public key authentication in the old way, like distributing public keys to servers and TOFU (Trust on First Use), is kind of flawed. Using certificates needs more effort, but after you have got a CA, it probably only has advantages.

I have done that on Linux on Z, therefore I know it works... Maybe I will try on USS, however that involves more talking to other people...

Berthold
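
The workflow described in the message above, as an added example that is not part of the original post: an OpenSSH CA signs a host key and a user key, each time-limited and bound to principals, using standard `ssh-keygen` options. The names `alice` and `web01.example.com`, the file names and the `/etc/ssh/` paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: user, host and file names below are constructed.
set -eu

# Create the CA key pair. In production the private half stays offline.
make_ca() {  # $1 = working directory
    ssh-keygen -q -t ed25519 -N '' -C 'example-ssh-ca' -f "$1/ca"
}

# Sign a host key (-h) so clients can verify the server without TOFU.
sign_host() {  # $1 = dir, $2 = hostname (principal), $3 = validity
    ssh-keygen -q -t ed25519 -N '' -f "$1/ssh_host_ed25519_key"
    ssh-keygen -q -s "$1/ca" -I "host:$2" -h -n "$2" -V "$3" \
        "$1/ssh_host_ed25519_key.pub"
}

# Sign a user key, limited to the given principals and lifetime.
sign_user() {  # $1 = dir, $2 = user, $3 = principals, $4 = validity
    ssh-keygen -q -t ed25519 -N '' -f "$1/id_$2"
    ssh-keygen -q -s "$1/ca" -I "user:$2" -n "$3" -V "$4" "$1/id_$2.pub"
}

# Print the trust settings that replace per-key distribution.
trust_config() {  # $1 = dir, $2 = host pattern
    echo "# client known_hosts:"
    echo "@cert-authority $2 $(cat "$1/ca.pub")"
    echo "# server sshd_config (paths are assumptions):"
    echo "TrustedUserCAKeys /etc/ssh/ca.pub"
    echo "HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub"
}

demo() {
    d=$(mktemp -d)
    make_ca "$d"
    sign_host "$d" web01.example.com +52w   # host cert valid for one year
    sign_user "$d" alice alice +8h          # user cert valid for eight hours
    ssh-keygen -L -f "$d/id_alice-cert.pub" # show key ID, principals, validity
    trust_config "$d" '*.example.com'
    rm -rf "$d"
}
demo
```

Once the server trusts the CA through `TrustedUserCAKeys`, access is granted by issuing a certificate and lapses when it expires, with no change to `authorized_keys` on the server.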
