On Tue, 30 Aug 2005, Ben Johnson wrote:

On Tue, Aug 30, 2005 at 09:36:58PM -0700, Sebastian Smith wrote:

On Tue, 30 Aug 2005, Ben Johnson wrote:

On Tue, Aug 30, 2005 at 08:12:47PM -0700, Sebastian Smith wrote:
...
Why not have a passphrase-less ssh key?  Well... it breaks the public key
cryptography.  If you don't require a passphrase there is no way to
validate that the connecting user is who they say they are (I'm sure you

I don't agree, but maybe I just don't understand.

When an ssh key public/private key pair is created I can choose to add a
layer of protection to the private half in the form of a passphrase
which, if I'm not mistaken, is used to encrypt the private key.  this
makes it so I have to enter the passphrase in order to "unlock" the
private key so that I can use it.  everything else is the same.  right?
this would only break public key crypto if I always left my private key
in a place where someone else could reach it.

I only create passphrase-less keys using the root account on well
protected systems I admin, so I think they can be trusted pretty well.


In the strictest sense you are not breaking PKC by using a blank
passphrase.  But, if your box is compromised the attacker can gain access
to remote machines without requiring proof of identity -- thus defeating
PKC (they would probably have your private key anyway, but there are ways
of defending it).

PKC security is derived from user interaction -- I can be confident that,
because your key requires a secret passphrase (and that you, and only you
will be able to enter it), signed objects have come from you, and objects
encrypted with your public key can be decrypted by you.  Of course, the
key word is "confident" as anyone who knows your passphrase can masquerade
as you.  Removing the passphrase from the equation virtually eliminates this
"confidence", as anyone could pass as you.  You alluded to this in your
statement above when you said that you think your keys can be trusted
pretty well due to the security of your systems.  It's clear, in this
case, that you're not relying on PKC for security, but, rather, as a means
of thwarting the man-in-the-middle from stealing data from you.

Not sure if that makes any sense... so give me feedback.

yeah.  that makes sense.  I contend that my private key is password
protected though because my account is password protected.  One thing a
good book, Practical Cryptography, really got across to me is security
is only as good as the weakest link.  an example they used: office doors
may have locks but the walls they're set into often don't extend above
the lift-able ceiling tile.  Adding a pass phrase to my private key
would raise my bar a little, but I doubt very much.

my confidence in other peoples' usage of PKC is not raised a whole lot
by knowing they have a good passphrase on their private key.  For
instance, maybe people use long strings of dictionary words that may be
surprisingly crack-able, or...  that private key may be located on a
public server, where I can't be sure who's got root, who is able to look
at the memory image of the user's ssh-agent process.  My confidence goes
up when I'm sure people know how to keep their systems secure.

I'm always a little floored when I'm dealing with some company who wants
to generate a key pair for me and send *both* of them to me in clear
text email.  it's incredible how much clueless weirdness goes on out
there.


I fully agree with all of your arguments. If practiced properly, I would be confident in PKC, but, as you stated above, it is rarely practiced properly.

I've never read Practical Cryptography, but I definitely catch Schneier's tone in your citation. For those who like Bruce Schneier you can check out his blog:

http://www.schneier.com/blog/

I also suggest subscribing to his monthly Crypto-Gram newsletter.

BTW... great thread! I think I'll bring it up in this month's meeting for brief discussion.

- Sebastian

_______________________________________________
RLUG mailing list
RLUG@rlug.org
http://lists.rlug.org/mailman/listinfo/rlug
