CentOS - Apr 2008 - SSH Question relating to Public and Private Keys

Hi People,

The Linux Environment I am responsible for is using ssh key pairs to 
allow access to a number or accounts on a number Linux Servers.  I 
currently have the opportunity to re-design some of this.  So I would 
like to tap into peoples experiences to see what might be some good 
changes to make.  Specifically I have a couple of questions

1. Currently all of the key pairs we are using have empty passphrases is 
it worth the effort of changing this and setting up ssh-agent compared 
to what you gain in security by doing this ?

2. At this stage I am going to use RSA Keys of the default size, is this 
generally the best approach?


Thanks for any thoughts, and have a nice day :)

Clint Dilks wrote:
> 1. Currently all of the key pairs we are using have empty passphrases is 
> it worth the effort of changing this and setting up ssh-agent compared 
> to what you gain in security by doing this ?
Certainly, adding passphrases nudges the security up a step, as 
otherwise a compromised account means the offender can log onto any 
other system - or in the case of compromised root, can log in anywhere 
as anyone..

It comes down to, like all security measures, a balancing act between 
security and ease-of-use.. You need to take into consideration what data 
is around the systems, and what the worst case scenario would be..

-- 
Cheers,
Morten

On Tue, Apr 15, 2008 at 7:56 AM, Clint Dilks <clintd at
scms.waikato.ac.nz> wrote:
>  1. Currently all of the key pairs we are using have empty passphrases is
it
> worth the effort of changing this and setting up ssh-agent compared to what
> you gain in security by doing this ?
Sure. In the first case someone would only need the key to get into a
machine, in the second case you need a key and a passphrase.

Of course, that's stating the obvious, but it clearly adds a layer of
security. So, do you want to trade security for comfort? I wouldn't,
but that's your choice to make.
>  2. At this stage I am going to use RSA Keys of the default size, is this
> generally the best approach?
While asymmetric cryptography is slow, the RSA keys are used to
exchange keys for (fast) symmetric cryptography. So, it's usually a
good idea to create large keys. Fortunately, the default in OpenSSH is
2048, which seems to be a fair key size.

-- Daniel

On Tue, 2008-04-15 at 17:56 +1200, Clint Dilks wrote:
> Hi People,
> 
> The Linux Environment I am responsible for is using ssh key pairs to 
> allow access to a number or accounts on a number Linux Servers.  I 
> currently have the opportunity to re-design some of this.  So I would 
> like to tap into peoples experiences to see what might be some good 
> changes to make.  Specifically I have a couple of questions
> 
> 1. Currently all of the key pairs we are using have empty passphrases is 
> it worth the effort of changing this and setting up ssh-agent compared 
> to what you gain in security by doing this ?
Keeping in mind what the other responders have said, you need to do at
least an informal risk analysis to determine whether it is worth the
effort. Without going into all the formalities of assessment, reduction,
acceptance, assignment, ...

How sensitive is the data and how critical are the functions that that
could be disrupted? What is the scope of exposure to intrusion from
outside the organization (LAN, firewalls, in place, etc.).

How effectively will the enhanced procedures be used? Will users
frequently try to bypass them because it is inconvenient etc.?

OT: does the political environment (e.g. management) support increased
security or does it view increased security as an inconvenient thing
they view as really unnecessary in their situation?
>From a purely technical POV, it is as the other responders have said.
Having *decent* pass phrases is certainly worthwhile.
> 
> 2. At this stage I am going to use RSA Keys of the default size, is this 
> generally the best approach?
Unless you are in an environment that is a desirable target for
espionage (corporate, military, ...) the default sizes are sufficient
IMO.
> 
> 
> Thanks for any thoughts, and have a nice day :)
> <snip sig stuff>
-- 
Bill

On Tuesday 15 April 2008, Clint Dilks wrote:
> 1. Currently all of the key pairs we are using have empty passphrases is
> it worth the effort of changing this and setting up ssh-agent compared
> to what you gain in security by doing this ?
To get a clear idea of what keys with no passphrases are like consider the 
idea that users put their regular password in /home/$USER/my_passwd.txt

We try our very best to stop any use of key-pairs without passphrase. All 
modern distros have ssh-agents. Using it is trivial, not using it is lazy. 
For extra security use "ssh-add -c" and you'll know when your
agent is
actually signing stuff.

/Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL:
<http://lists.centos.org/pipermail/centos/attachments/20080415/318d1068/attachment-0001.sig>

Clint Dilks wrote:
> Hi People,
>
> The Linux Environment I am responsible for is using ssh key pairs to 
> allow access to a number or accounts on a number Linux Servers.  I 
> currently have the opportunity to re-design some of this.  So I would 
> like to tap into peoples experiences to see what might be some good 
> changes to make.  Specifically I have a couple of questions
>
> 1. Currently all of the key pairs we are using have empty passphrases 
> is it worth the effort of changing this and setting up ssh-agent 
> compared to what you gain in security by doing this ?
>
> 2. At this stage I am going to use RSA Keys of the default size, is 
> this generally the best approach?
>
>
> Thanks for any thoughts, and have a nice day :)
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
Hi Again people, thank you for all the responses.  You have definitely 
given me something to think about.  Much appreciated :)

On Tue, Apr 15, 2008 at 8:12 AM, Peter Kjellstrom <cap at nsc.liu.se>
wrote:
> On Tuesday 15 April 2008, Clint Dilks wrote:
>  > 1. Currently all of the key pairs we are using have empty passphrases
is
>  > it worth the effort of changing this and setting up ssh-agent
compared
>  > to what you gain in security by doing this ?
>
>  To get a clear idea of what keys with no passphrases are like consider the
>  idea that users put their regular password in /home/$USER/my_passwd.txt
>
>  We try our very best to stop any use of key-pairs without passphrase. All
>  modern distros have ssh-agents. Using it is trivial, not using it is lazy.
>  For extra security use "ssh-add -c" and you'll know when
your agent is
>  actually signing stuff.
>
>  /Peter
>
This is a HUGE step backwards in security!  Now when your system in
compromised, the attacker will be able to get into ALL of the systems
that user has used that password on.  Face it, users often use the
same password everywhere.  This is really a bad, bad idea.

With password-less SSH keys, at least they only gain access to the
systems with the corresponding key.

Using an ssh-agent is often not feasible for system-level functions
that need to SSH.  Who's going to be there at 2AM to type in the
passphrase when the system reboots?  If you script it, then you just
put the plaintext password in a script file again, and now have the
same problem.

Remember, the old way of doing this was with rsh and .rhosts files,
and those were a problem because DNS could more easily be compromised,
and the system tricked into letting you in.  SSH keys are meant to get
around THAT problem.  Otherwise, all the secret keyfiles are protected
using restrictive permissions, which is what you have to rely on for
this security.