Hello, OpenSSH-wizards. In our company, we have looked into SSH-HostKey-signing in order to realize automated access without the need to accept the server's hostkey, manually. I got it to work with the HostCertificate-directive inside the sshd_config. Now, I was wondering whether it is possible to have multiple signatures, so I can, for example, sign the hostkey once with a company-internal CA to prove to my colleagues that the server belongs to our company and to sign again with another CA that belongs to say a specific project so all the servers in this project can be sure to talk to another project server. Furthermore, I did not find out, how I would sign different hostkey- types. (Like RSA and ECDSA.) Is it possible to realize both? Thanks and best regards, Jan -- Mit freundlichen Gr??en Jan Bergner DevOps-Engineer | Corporate Information Management Arvato Supply Chain Solutions Gottlieb-Daimler-Str. 1 33428 Harsewinkel Deutschland Telefon: +49 (5241) 80 - 40354 jan.bergner at arvato.com<mailto:michael.nagel at bertelsmann.de> <http://www.arvato-supply-chain.com>http://www.arvato-supply-chain.com Arvato Distribution GmbH | Sitz Harsewinkel | Amtsgericht G?tersloh HRB 2200 Gesch?ftsf?hrer: Andreas Barth, Carsten Coesfeld, Frank Schirrmeister, Boris Scholz, Dr. Thorsten Winkelmann ________________________________ Diese E-Mail und eventuelle Anlagen k?nnen vertrauliche und/oder rechtlich gesch?tzte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt?mlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail sind nicht gestattet.
On Mon, 21 Oct 2019, Bergner, Jan, A-SCM-CIM-SD wrote:> Hello, OpenSSH-wizards. > > In our company, we have looked into SSH-HostKey-signing in order to > realize automated access without the need to accept the server's > hostkey, manually. > > I got it to work with the HostCertificate-directive inside the > sshd_config. > > Now, I was wondering whether it is possible to have multiple > signatures, so I can, for example, sign the hostkey once with a > company-internal CA to prove to my colleagues that the server belongs > to our company and to sign again with another CA that belongs to say > a specific project so all the servers in this project can be sure to > talk to another project server.First off: typically host key certificates are made to identify a server back to some root of trust and not to implement any sort of host-level access control, which is what your mention of "project servers" makes me think of. If you want to control which hosts are able to connect to which other hosts, then host certificates are not the feature you're looking for. With tha being said, unfortunately, the SSH protocol is limited to sending a single hostkey from the the server to the client during connection establishment. The client gets to choose they type of the hostkey only. So having multiple signatures over the same type of host key isn't practical. You can specify multiple keys of the same type in sshd_config but the server will only send the first one that was specified. I think the best you could do at present if you want host keys signed by different CA is to choose different types of host key (e.g. ecdsa vs ed25519), get one type signed by one CA and the other by the other CA, and configure the clients to prefer the key type corresponding to the CA that they expect. It's not a great solution, but it would probably work.> Furthermore, I did not find out, how I would sign different hostkey- > types. (Like RSA and ECDSA.)It's definitely possible to sign hostkeys of one type with a CA key of another type (just don't use DSA). -d
Thank you for your insights, Damien. I think, you basically answered all my questions. On Di, 2019-10-22 at 11:43 +1100, Damien Miller wrote:> On Mon, 21 Oct 2019, Bergner, Jan, A-SCM-CIM-SD wrote: > > > Hello, OpenSSH-wizards. > > In our company, we have looked into SSH-HostKey-signing in order to > realize automated access without the need to accept the server's > hostkey, manually. > > I got it to work with the HostCertificate-directive inside the > sshd_config. > > Now, I was wondering whether it is possible to have multiple > signatures, so I can, for example, sign the hostkey once with a > company-internal CA to prove to my colleagues that the server belongs > to our company and to sign again with another CA that belongs to say > a specific project so all the servers in this project can be sure to > talk to another project server. > > First off: typically host key certificates are made to identify a > server > back to some root of trust and not to implement any sort of host- > level > access control, which is what your mention of "project servers" makes > me think of. If you want to control which hosts are able to connect > to > which other hosts, then host certificates are not the feature you're > looking for.That is clear to us. We have a setup, where we deploy SSH-Keys to the systems that need them. We only want to get rid of the manual hostkey confirmation, so we can automate things. So, in simple terms, we want to make a couple of SSH-clients trust a couple of servers by default in a secure way.> > With tha being said, unfortunately, the SSH protocol is limited to > sending a single hostkey from the the server to the client during > connection establishment. The client gets to choose they type of the > hostkey only. > > So having multiple signatures over the same type of host key isn't > practical. You can specify multiple keys of the same type in > sshd_config > but the server will only send the first one that was specified.I'd thought so from my own tests. Thanks for the confirmation.> > I think the best you could do at present if you want host keys signed > by different CA is to choose different types of host key (e.g. ecdsa > vs > ed25519), get one type signed by one CA and the other by the other > CA, > and configure the clients to prefer the key type corresponding to the > CA > that they expect. It's not a great solution, but it would probably > work.Okay. Would I specify that in sshd_config with multiple HostCertificate- statements or would I rather have multiple signed keys in one file? (One signature each line?)> > > Furthermore, I did not find out, how I would sign different hostkey- > types. (Like RSA and ECDSA.) > > It's definitely possible to sign hostkeys of one type with a CA key > of > another type (just don't use DSA). > > -dThanks again and best regards, Jan> >-- Mit freundlichen Gr??en Jan Bergner DevOps-Engineer | Corporate Information Management Arvato Supply Chain Solutions Gottlieb-Daimler-Str. 1 33428 Harsewinkel Deutschland Telefon: +49 (5241) 80 - 40354 jan.bergner at arvato.com http://www.arvato-supply-chain.com Arvato Distribution GmbH | Sitz Harsewinkel | Amtsgericht G?tersloh HRB 2200 Gesch?ftsf?hrer: Andreas Barth, Carsten Coesfeld, Frank Schirrmeister, Boris Scholz, Dr. Thorsten Winkelmann Diese E-Mail und eventuelle Anlagen k?nnen vertrauliche und/oder rechtlich gesch?tzte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt?mlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail sind nicht gestattet.
Possibly Parallel Threads
- hostbase authentication of hostcertificate
- client host certificates and receiving host configuration
- [PATCH 0/2] Specify signature algorithm during server hostkeys prove
- client host certificates and receiving host configuration
- [Bug 1279] Address- and/or port-specific HostKeys support