openssh unix dev - Jul 2024 - Request for a Lockdown option

On 04.07.24 01:41, Manon Goo wrote:
>   	-  some users private keys are lost
Then you go and remove the corresponding pubkeys from wherever they're 
configured.

Seriously, even if you do not scan which pubkey is configured where 
*now* (as is part of our usual monitoring), it'll be your "number
<3"
task *then* to go hunt it down.
> And you want to lock down the sshd and investigate and fix the problem
Then block SSH wherever you can *except* for a jump host that you set up 
with a known good version and grant your fellow sysadmins access to. 
"Lock down sshd 'cause it's dubitable" and "trust a
rarely-used
mechanism inside it to do so" don't mix - after all, the backdoor of 
CVE-2024-3094 allowed the attacker to bypass *some* of the normal crypto 
routines, too.

(And since you mention "port knocking", I'd like to repeat how
fond I am
of upgrading that original concept to a single-packet crypto-armored 
implementation like fwknop.)

Kind regards,
-- 
Jochen Bern
Systemingenieur

Binect GmbH
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3449 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20240704/c7df627e/attachment.p7s>

Jochen Bern <Jochen.Bern at binect.de> writes:
> (And since you mention "port knocking", I'd like to repeat
how fond I
> am of upgrading that original concept to a single-packet
> crypto-armored implementation like fwknop.)
I am reluctantly considering to use some kind of port knocking mechanism
on some machines, however I really don't want to carry around shared
symmetric keys or setup yet another public/private key infrastructure
for that purpose.  I already have a working infrastructure for SSH
authentication.

Does anyone know of any implementation that allows me to configure a
PGP/SSH/FIDO/TPM/whatever public key on the server side, and it then
only listens to signed port knocks from the corresponding private keys?

I notice fwknop has PGP support, but it requires a private key on the
server side, and that's really annoying.  Instead of using public-key
encryption, shouldn't be possible to rely only on public-key signing
instead?  I already carry around a physical device with a public/private
keypair in it, and I need that for SSH public-key authentication anyway.
To avoid replay attacks, the signed data needs to be an ever increasing
counter or timestamp a'la HOTP/TOTP.

I think this could be a good builtin functionality of OpenSSH, it
already has all of the public/private key trust infrastructure
available, what is missing is just the plumbing to connect it the
firewall.  Maybe it could go into a separate binary and not in the
default sshd though.  How about a sshfwkd?

/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: not available
URL:
<http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20240704/1de5ebbc/attachment.asc>