[Gllug] ssh brute force attacks
Richard Jones
rich at annexia.org
Thu Dec 11 11:55:56 UTC 2008
On Wed, Dec 10, 2008 at 03:01:43PM +0000, Joel Bernstein wrote:
> 2008/12/10 Lesley Binks <lesleyb at pgcroft.net>:
> > Okay ... what's the situation with a nicked/lost laptop carrying such
> > keys? Supposing they can crack the laptop passwords or gain access to
> > disk info someother way - how secure is key based authentication then?
> > I just feel it's bolted the doors in one place but left them wide open in
> > another.
>
> Er.. So once they crack the BIOS password, login as your user, mount
> the encrypted homedir, and get into your ~/.ssh directory, they have
> your private key, which is passphrase protected. What would you
> suggest as being a better option?
>
> If you're not putting passphrases on the private keys then you have
> exactly the same problems as allowing insecure passwords, but nobody
> AFAIK has suggested that as a good option. If the keys are secured
> with passphrases then a local machine exploit shouldn't compromise
> them.
The real problem is people getting access to your private keys through
gaining access to your ssh agent. This can happen surprisingly
easily: if a server is cracked that you regularly log in to, and if
you routinely forward the agent connection to that server. Every time
you use ForwardAgent=yes you are trusting the remote server.
Even using ForwardX11 can be dangerous - eg. if you're running certain
types of Tk apps[1], or if the X protocol can be exploited - not
unlikely given the huge scope of X and the limited security attention
that the protocol gets.
Rich.
[1] Read it and weep: http://wiki.tcl.tk/1055
--
Richard Jones
Red Hat
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list