There are two critical differences between SSH keys and the .bir fingerprint file:
1. What they are authenticating you for. SSH keys are typically used to authenticate you to a (probably unprivileged) user login shell on a remote machine. If you compromise my SSH key and can login to my webserver, the SSH key does not authenticate you for privilege escalation (sudo) on the remote host. The .bir file, on the other hand, authenticates you not only for a login shell as your local user; but also for sudo (if you have admin privileges). 2. SSH keys can easily be password protected. It is less obvious how a .bir file could be protected by a password. It might be possible to password protect the .bir file, then sign it w/ some certificate known to root, so an attacker could not just replace the file w/ one matching their finger print. tf-tool would require password authentication before generating a new, system-signed .bir file. This, of course, would not address the weakness of fingerprint authentication in general, nor would it prevent the $PATH attack. -- Fingerprints stored in unsafe location https://bugs.launchpad.net/bugs/235297 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
