
There was recently a "two for the price of one" deal on the YubiKey 4 and now I have too many of them.

This got me thinking about things to do with them, more or less useful. Of course I already use the smart card features to secure my SSH CA and my personal SSH keys. But could it also be used to secure host keys?

This would most certainly require the use of an ssh-agent since it seems exceedingly impractical to enter the PIN code every time a client connects to the server. After a quick look in the sshd_config manual, it is actually possible to point it to an SSH_AUTH_SOCK instead of files on disk for host keys using HostKeyAgent.

Could you elaborate on your thoughts about the actual security gain in a setup like this? For me the most obvious is a physical key: you can always be sure that the key is not copied somewhere, and if the YubiKey is gone you can easily notice this.

schroeder
Peter
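
An added example (not part of the original post): a small Python audit that checks whether an sshd_config delegates host-key signing to an agent via HostKeyAgent, as the question describes, and flags any HostKey path that still holds private key material on disk. The socket path, file paths and key contents are constructed, and the file reader is passed in as a function so the check runs offline.

```python
import re

DEFAULT_HOST_KEYS = ["/etc/ssh/ssh_host_ecdsa_key", "/etc/ssh/ssh_host_ed25519_key",
                     "/etc/ssh/ssh_host_rsa_key"]  # used by sshd when no HostKey is set

# Constructed sample input, not taken from the original post.
SAMPLE_CONFIG = """\
# host keys live on a token; signing is delegated to an agent
HostKeyAgent /run/sshd-agent.sock
hostkey /etc/ssh/ssh_host_ecdsa_key.pub
HostKey "/etc/ssh/ssh_host_rsa_key"
"""
SAMPLE_FILES = {
    "/etc/ssh/ssh_host_ecdsa_key.pub": "ecdsa-sha2-nistp256 AAAA-constructed-placeholder token\n",
    "/etc/ssh/ssh_host_rsa_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed\n",
}

def parse_directives(text):
    """Return (keyword, argument) pairs; keywords are case-insensitive in sshd_config."""
    pairs = []
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            pairs.append((parts[0].lower(), parts[1].strip().strip('"')))
    return pairs

def classify(content):
    """Classify key file content: 'missing', 'private', 'public' or 'unknown'."""
    if content is None:
        return "missing"
    if "PRIVATE KEY-----" in content:
        return "private"
    return "public" if re.match(r"(ssh-|ecdsa-|sk-)\S+\s+\S+", content) else "unknown"

def audit(config_text, read_file):
    """Return findings for host keys not held solely behind HostKeyAgent."""
    pairs = parse_directives(config_text)
    agent = next((a for k, a in pairs if k == "hostkeyagent"), None)
    keys = [a for k, a in pairs if k == "hostkey"] or DEFAULT_HOST_KEYS
    findings = [] if agent else ["HostKeyAgent is not set"]
    for path in keys:
        kind = classify(read_file(path))
        if kind == "private":
            findings.append(f"{path}: private key on disk")
        elif kind == "public" and not agent:
            findings.append(f"{path}: public key without an agent")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG, SAMPLE_FILES.get))
```

To audit a real host, pass a `read_file` function that returns a file's text, or `None` when the file does not exist.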

2 Answers


AFAIK, your assessment is quite correct. Your physical device migrates the risk for your key to be stolen from the virtual to the physical world. So if your server is temporarily compromised you have a minimal risk that your key has been stolen. Which is a huge difference!

However, it does not generally prevent the abuse of your key. So if someone hacks your server, he can sign arbitrary things with your key, just like your SSH host would do. This includes chosen-plaintext attacks, which enable the attacker to guess your key in less time. Therefore, it would not efficiently protect a permanently compromised system.

Cryptjar

A hardware-stored host key would prevent theft of the key and prevent multiple usage of said key.

But when permissions are properly configured, only the root user has access to these host key files; this means that anyone gaining access to the keys has gained (limited) root permissions.

This means you have bigger issues than just a stolen host key! (the whole system is now insecure and compromised!)

The remaining attack vector is then to steal the key at rest (so directly from the disk without the machine booted, or directly from a backup).

While in such a case the risk to current users is minimal, it is still a pretty bad situation. The backup / disk (probably) contains more interesting data than the host key. For the backup you should NEVER include the host keys (or any other keys for that matter) in a backup without safeguards against theft (e.g. encryption).

So in my opinion, if you want to mitigate the risk of a stolen host key you can use a hardware key for that purpose. But I think it would be better suited for a different purpose (for example, use it to encrypt the master secret of a vault from HashiCorp and use that to store your other secrets in). For the host key itself it limits a risk that in a security in depth situation might be possible, but for which there are better solutions available.

LvB