Jeff Abrahamson on 28 Feb 2007 15:48:48 -0000
On Wed, Feb 28, 2007 at 10:33:45AM -0500, bergman@merctech.com wrote:
> In Art's question, the local machine is owned by an employer. This
> is fairly common. Assuming that the local machine has not been
> compromised, is run securely, and that you "trust" the admins who
> are running the machine, there's still a risk in that the employer
> has a right to the data (ie., your ssh key) stored on that
> machine. However, _if_ the ssh key was created with a passphrase,
> that key is useless without the passphrase.
Note that you still have to trust root if you use an ssh-agent. If
you don't trust root but an ssh-agent caches your passphrase, root can
su to me and set the following environment variables like this:
jeff@astra:~ $ env | grep SSH_
SSH_AGENT_PID=10926
SSH_AUTH_SOCK=/tmp/ssh-OnXBZ10839/agent.10839
jeff@astra:~ $
and then I'm toast.
> The worst situation is that the ssh key has been created without a
> passphrase (or that the key was created on the untrusted machine,
> and the passphrase was sniffed when the key was created). In this
> situation, anyone with access to the key (and sniffed passphrase, if
> one was used) also has access to your remote server. Remember, the
> ssh key is protected with the standard filesystem ACLs. How much do
> you trust the local admins (and how backup tapes are stored)?
Same if a key sniffer gets your passphrase later. Again, you have to
trust root.
> In this case, the most secure method for using ssh from this host to
> connect to your remote machine is to use one-time passwords. The
> one-time password MUST be computed separately from the untrusted
> environment. This may mean using a PDA to generate the OTP or
> pre-generating a printed list of OTPs.
How do you have your machine demand OTPs?
--
Jeff
Jeff Abrahamson <http://jeff.purple.com/> +1 215/837-2287
GPG fingerprint: 1A1A BA95 D082 A558 A276 63C6 16BF 8C4C 0D1D AE4B
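The quoted paragraph's "worst situation" (a key on the employer's box with no passphrase, protected only by file permissions) can be audited without knowing any passphrase. This is an added example, not code from the thread: it reads the header of an OpenSSH private key to tell whether it is passphrase-protected, and reports loose file modes. The default key file names under `~/.ssh` are assumed; the key blobs used to exercise it are constructed headers, not real keys.

```python
import base64
import os
import re

OPENSSH_MAGIC = b"openssh-key-v1\x00"


def _read_string(buf: bytes, off: int):
    """Read one SSH wire 'string' (uint32 length + bytes) at offset."""
    n = int.from_bytes(buf[off:off + 4], "big")
    return buf[off + 4:off + 4 + n], off + 4 + n


def key_is_encrypted(pem: bytes):
    """True if the private key is passphrase-protected, False if it is stored
    in the clear, None if the format is not recognised."""
    if b"BEGIN OPENSSH PRIVATE KEY" in pem:
        body = b"".join(l for l in pem.splitlines() if not l.startswith(b"-----"))
        raw = base64.b64decode(body)
        if not raw.startswith(OPENSSH_MAGIC):
            return None
        # Header is: magic, string ciphername, string kdfname.
        # "none"/"none" means the key was saved without a passphrase.
        cipher, off = _read_string(raw, len(OPENSSH_MAGIC))
        kdf, _ = _read_string(raw, off)
        return not (cipher == b"none" and kdf == b"none")
    if b"BEGIN ENCRYPTED PRIVATE KEY" in pem:
        return True  # PKCS#8, encrypted
    if re.search(rb"BEGIN (RSA|DSA|EC) PRIVATE KEY", pem):
        return b"Proc-Type: 4,ENCRYPTED" in pem  # legacy PEM flags encryption in a header
    if b"BEGIN PRIVATE KEY" in pem:
        return False  # PKCS#8, clear
    return None


def audit_key_file(path: str) -> dict:
    """Report whether one key file is passphrase-protected and whether its mode
    lets group/others read it (the filesystem ACL the thread mentions)."""
    with open(path, "rb") as f:
        data = f.read()
    mode = os.stat(path).st_mode & 0o777
    return {"path": path, "encrypted": key_is_encrypted(data),
            "group_or_world_readable": bool(mode & 0o077)}


if __name__ == "__main__":
    for name in ("id_rsa", "id_ecdsa", "id_ed25519"):  # assumed default file names
        p = os.path.expanduser("~/.ssh/" + name)
        if os.path.exists(p):
            print(audit_key_file(p))
```

A key reported as `encrypted: False` is exactly the case the thread warns about: whoever can read the file can use it, no sniffing required.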
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug