On Thu, Dec 17, 2009 at 10:44:42PM +0000, Wayne Stallwood wrote:
Chris G wrote:
No, it isn't. It's in a file *at the other end*, totally inaccessible to the intruder until he's guessed it. The private key, on the other hand, *is* at the end where the intruder is, so it has to be encrypted.
You are taking one (relatively unlikely) attack vector where an intruder gains access to your specific machine in order to get access to another. This is the explicit case where the private key protects you, and with the current state of the encryption used, a brute force would be pretty much the only viable way of getting the passphrase to open the key, in which time you would hopefully have noticed the local breach and changed it. At which point they may as well have tried a direct brute force attack against sshd itself.
Normally the intruder would be coming from a different machine and wouldn't have the private key in the first place.
Not generally true unless they're doing IP spoofing as well because I only allow access from two specific IP addresses.
The important case for me is access from 'out there' in to my machine (well, in to my server machine actually, there's a further hurdle to my desktop machine). The 'out there' machines are not mine and are most definitely 'untrusted'; the security rules then suggest that you *shouldn't* keep any private keys there.
Don't make the mistake of dreaming up one possible attack vector and basing all your security measures upon that assumption. The fact is that if you are only allowing key-based authentication then an intruder needs to break into your machine first *and* crack the passphrase on the private key. At the point your local machine is compromised, and had you been using a password login to the remote system, they could have just installed a keylogger or a login spoof and captured a password for the remote system anyway.
The key logger can capture my passphrase too, can't it? Then the intruder has access to every system where I'm using that key.
So overall, if you are using passphrase-protected keys you have still increased overall security because the private key has to be stolen and compromised first, making an attack from a machine other than yours pretty difficult and an attack from your machine as difficult as if they didn't have a password for interactive authentication (they still have to guess or capture the passphrase, which is the same effort as guessing or capturing a login password).
I can see what you're getting at and I half agree but I'm not sure that the game is worth the candle still.