On Mon, 16 Jun 2025, Marco Trevisan wrote:

> In the short run I feel one thing we may do is to make ssh-agent to only
> use fprintd (it needs to go through fprintd DBus APIs, PAM or
> `fprintd-verify`) every time the agent requires to provide the key, so
> to enforce the security, but not to make it unlock the secret when you
> use `ssh-add`.

Note that, even if you do the above, the protection the fingerprint provides to your private key material is only as strong as your OS' security. If an attacker is able to elevate privilege then they could steal the key material from the agent without your fingerprint.

Contrast with a biometrically-unlocked key held in say Apple's TouchID or a biometric FIDO key, where a separate secure processor with significantly less attack surface than a consumer OS is the only thing that has access to the key material. Of course, these can have serious bugs too...

-d
On 17.06.25 00:58, Damien Miller wrote:

> Note that, even if you do the above, the protection the fingerprint
> provides to your private key material is only as strong as your OS'
> security.

... if even that, considering that a) we constantly leave our fingerprints all over the place and b) making a fingerprint sensor that cannot be fooled with a lifted print somehow is quite nontrivial ...

Kind regards,
--
Jochen Bern
Systems Engineer

Binect GmbH
On Jun 17 2025, at 12:58 am, Damien Miller <djm at mindrot.org> wrote:

> On Mon, 16 Jun 2025, Marco Trevisan wrote:
>
>> In the short run I feel one thing we may do is to make ssh-agent to only
>> use fprintd (it needs to go through fprintd DBus APIs, PAM or
>> `fprintd-verify`) every time the agent requires to provide the key, so
>> to enforce the security, but not to make it unlock the secret when you
>> use `ssh-add`.
>
> Note that, even if you do the above, the protection the fingerprint
> provides to your private key material is only as strong as your OS'
> security. If an attacker is able to elevate privilege then they
> could steal the key material from the agent without your fingerprint.

Isn't this true for any kind of privilege escalation when the agent is in place?