Is it possible to acquire an SSH authorized RSA private key just by having access to the server?

1

Is it possible to get hold of an RSA private key (pem file) simply by having (root) access to a server that authorizes ssh access using that that private key. For example, can the entries in .ssh/authorized_keys be used to generated the RSA private keys for which they are associated with.

The reason I ask is because I need to disable ssh access to a server with a particular key file. I've edited the authorized_keys file manually and removed the entry associated with that key. That worked and ssh access is no longer possible with that key file, but before I did that, I had created a new private key for ssh access.

I'm concerned that someone with that disabled key file may have been able to acquire the new RSA private key before I was able to delete the old one.

Is that possible?

RTF

Posted 2015-09-06T11:04:38.840

Reputation: 326

Question was closed 2015-09-09T15:31:51.893

Cross-posted on Information Security Stack Exchange.

– JakeGould – 2015-09-09T14:33:28.297

Already over http://security.stackexchange.com/questions/99669/is-it-possible-to-acquire-an-ssh-authorized-rsa-private-key-just-by-having

– random – 2015-09-09T15:31:51.893

Answers

2

For practical purposes: no, it's not possible. More strictly speaking: it's possible, but not feasible. The attacker would need immense computing power or major mathematical breakthroughs.

The entry in your authorized_keys file is a public key. The whole point of public-key cryptography is that your public key can be public because an attacker can't use it to derive your private key.

Wyzard

Posted 2015-09-06T11:04:38.840

Reputation: 5 832

Asked: 2015-09-06T11:04:38.840

Viewed: 68 times

Active: 2015-09-06T12:48:38.143