What is a SSH key
When using SSH to connect to a remote host, some form of authentication is
required. In the context of SourceForge.net, SSH provides two means to
authenticate to a remote host: passwords and the use of public key
cryptography (SSH keys). The use of passwords is fairly well understood; this
document has been created to provide an overview of the second supported
authentication mechanism, the use of SSH keys.
SSH key pairs (as with most mechanisms which use public key cryptography)
consist of two pieces, a public key and a private key. Your private key
contains data which only you should know; this key should be retained on a
machine you have direct control over and should not be given to anyone. Your
public key will be uploaded to remote hosts to which you wish to connect.
Within public key cryptography, the fundamental idea is that two keys exist, a
public key and a private key. The public key is derived from the private
key. Messages encrypted against the public key may only be decrypted by those
individuals who hold the corresponding private key. Messages signed using the
private key may be validated (i.e. you can ensure that the sender holds that
private key) using the public key.
Within the SSH key scheme, both the host and the user hold a key pair. When
connecting to the remote host, the public key for that host is sent to the
user for verification. Data sent from the user to the host is encrypted
against the public key for that host; when the data is received by the host,
it is decrypted using that host's private key.
When you connect to a remote host, it will check to see if it has a public key
on file for your account. If the host does have a public key on file for your
account, it will ask your workstation (the connecting machine) whether it
holds the corresponding private key. If your workstation does hold the
matching private key, your identity will have been confirmed and you will have
completed authentication to the remote host. Any data subsequently sent from
the host to your workstation will be encrypted with your public key (held by
the remote host); when that data is received by your workstation, it will be
decrypted using your private key.
What is the benefit of using SSH keys instead of passwords?
The use of SSH keys for user authentication, instead of passwords, provides a
number of significant benefits:
-
Most SourceForge.net users consider the primary benefit of SSH key use to be
the alleviation of the need to enter your password when performing
operations (such as CVS commits) which require authentication.
-
In order to access your account, an attacker would need to steal your SSH
key, not just a short, type-able password. While it is important to guard
access to your SSH private key, it may not easily be written down on scraps
of paper near your desk or otherwise be stored in blatantly insecure
locations.
-
SSH keys are not easily guess-able, alleviating one of the major risks
involved with the use and selection of account passwords.
-
Since brute force (exhaustive) attacks on SSH keys are much less likely, you
may use your SSH keys for a longer time period; passwords need to be changed
regularly to ensure a high level of security.
-
Using SSH keys, you may easily automate access to a host in a secure manner,
since password data need not be stored within the script.
What is the difference between SSH1 and SSH2?
SSH comes in two flavors, SSH1 (which uses RSA public key cryptography) and
SSH2 (which uses DSA public key cryptography). We recommend the use of SSH2
rather than SSH1, as result of design enhancements in the newer protocol. SSH1
makes use of RSA public keys and SSH2 makes use of DSA public keys. These keys
are not interchangeable. The SSH1 and SSH2 protocols function in completely
different ways to accomplish similar goals. While most SSH client suites
support both the SSH1 and SSH2 protocols, it is important to realize which
protocol you are using, from the perspective of using SSH keys. The protocol
you choose to use will determine what type of public key pair (RSA or DSA) you
will generate.
What security precautions need to be taken when using SSH keys?
-
Ensure that your private key has been placed only on machines over which you
have direct control. Public, shared, and community machines are not suitable
environments to store SSH private keys. Take action to help prevent theft of
your SSH private key data. Setting a password on your SSH private key will
help reduce the risks involved with private key theft.
-
Generate a key pair for each major location you work from. Keep the private
key for that location only at that location. If your private key for a
particular location is compromised, simply remove the corresponding public
key from SourceForge.net, this preventing further use of that key pair to
access SourceForge.net.
How do I generate a SSH key?
Each SSH suite provides its own mechanism for key pair generation. Please
refer to the documentation which accompanied your SSH client to determine the
proper procedure for adding a password to your key.
If you are making use of OpenSSH, you will make use of the "ssh-keygen"
utility to generate your key pair. SSH1 (RSA) keys may be generated by
executing "ssh-keygen -t rsa1". SSH2 (DSA) keys may be generated by executing
"ssh-keygen -t dsa". Additional parameters are available; see the
documentation accompanying OpenSSH for details.
If you are making use of PuTTY, a passphrase may be added to your private key
file by using the following process:
-
Execute "PUTTYGEN.EXE"
-
Click on the "Generate" button or load an existing private key file.
-
Follow the instructions on-screen (if applicable).
-
Enter your new passphrase in to the "Key passphrase" field.
-
Enter your new passphrase in to the "Confirm passphrase" field.
-
Click on the "Save" button to save your private key file (now protected by
your new passphrase).
Can I put a password on my SSH key?
Most SSH suites provide the means to add a password to your private
key. Generally, this may be done either at time of key generation or
after-the-fact. Please refer to the documentation which accompanied your SSH
client to determine the proper procedure for adding a password to your key.
If you are making use of OpenSSH, a passphrase may be added to your private
key file using the following command syntax:
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
If you are making use of PuTTY, a passphrase may be added to your private key
file by using the following process:
-
Execute "PUTTYGEN.EXE"
-
Click on the "Load" button to load an existing private key file.
-
Enter your new passphrase in to the "Key passphrase" field.
-
Enter your new passphrase in to the "Confirm passphrase" field.
-
Click on the "Save" button to save the modified version of this private key
file (now protected by your new passphrase).
Can I remove or change a password on my SSH key?
Most SSH suites provide the means to add a password to your private
key. Generally, this may be done either at time of key generation or
after-the-fact. Once a password has been added to your public key file, you
may generally remove it, or change it, using the tools provided in your SSH
suite. Please refer to the documentation which accompanied your SSH client to
determine the proper procedure for changing or removing a password from your
key file.
If you are making use of OpenSSH, the passphrase on your private key file may
be changed using the following command syntax:
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
If you are making use of PuTTY, the passphrase on your private key file may be
changed using the following process:
-
Execute "PUTTYGEN.EXE"
-
Click on the "Load" button to load an existing private key file.
-
When prompted, enter the existing passphrase for this key file.
-
Enter your new passphrase in to the "Key passphrase" field.
-
Enter your new passphrase in to the "Confirm passphrase" field.
-
Click on the "Save" button to save the modified version of this private key
file (now protected by your new passphrase).
What do I do if I lose my SSH key?
The circumstances surrounding the loss or compromise of your SSH key should
largely determine your behavior. If your key is compromised, IMMEDIATELY
update your SSH key data on the SourceForge.net site and take steps to ensure
your project data has not been compromised (check for changes to project
content on the shell servers and CVS commits attributed to your user). If you
have simply lost your key, simply generate a new key pair and update the key
data for your user account to match.
Newsgroups: comp.security.ssh
> Are there any security risks in having a directory of key files as
> opposed to one big file of key lines?
Doable but it would be 100 files in a directory called known_hosts. Vi
the single file and locate the key by name or ip would not be difficult
at all. Security wise, single file is also easier to monitor and
maintain, as opposed to 200 files (naming convention????? and a security
risk as well).
RSA based authentication
*References*: to below 'authorized_keys base' for a more generally practical solution.
Help
Intro
As a third authentication method, ssh supports RSA based authentication.
The scheme is based on public-key cryptography.
The idea is that each user creates a public/private key pair for
authentication purposes. The server knows the public key, and only the user
knows the private key.
You can generate a public key (sort of like a Kerberos ticket) that will let
you login to UNIX accounts that without typing your SSH password each time.
When you first login to your local workstation, run "ssh-agent" and give it
your passphrase. Then ssh will not prompt for the password; the target
account must have your "identity.pub" key in ~/.ssh/authorized_keys.
The file $HOME/.ssh/authorized_keys lists the public keys that are permitted
for logging in.
When the user logs in, the ssh program tells the server which key pair it
would like to use for authen- tication. The server checks if this key is
permitted, and if so, sends the user (actually the ssh program running on
behalf of the user) a challenge, a random number, encrypted by the user's
public key. The challenge can only be decrypted using the proper private
key. The user's client then decrypts the challenge using the private key,
proving that he/she knows the private key but without disclosing it to the
server.
RSA key pair & passphrase
The security of your passphrase is of the utmost importance, because in
order for ssh-agent to be of much use, your passphrase must serve to
authenticate you to any machine you wish to use. This basically means that
your SSH passphrase is a password that works on all the accounts of all the
machines you use. Obviously, therefore, if someone figures out your SSH
passphrase, they have access to all the machines you use; this is a
worst-case scenario which is to be avoided. Therefore, you should take care
never to type your SSH passphrase over an unencrypted network stream.
Whenever you type your SSH passphrase, you NEED TO THINK about whether ANY
ONE of the network connections over which you are sending your passphrase is
unencrypted or otherwise "sniffable" — i.e., are you "secure to console"?
If you do have insecure connections, don't enter your passphrase. Just hit
return, and you can enter your UNIX password instead, or you can hit return
again, log out of the insecure network connection, and try again from a
secure host.
That said, here are some guidelines for picking passphrases:
-
Should be between 25 and 80 characters
-
Should not be English text (or the like)
-
Should not be the name of any entity, person, place, …
-
Should not be anything anyone could guess from hearing you talk
After you enter your passphrase, your SSH secret key will be
encrypted with your passphrase, and then saved in your ~/.ssh/identity
file.
Working History
Steps
— Ssh implements the RSA authentication protocol automatically. The user
reates his/her RSA key pair by running ssh-keygen(1). This stores in the
user's home directory:
the private key in .ssh/identity, and
the public key in .ssh/identity.pub
The "identity" file should not be readable by anyone but you.
cd ~/.ssh
cat identity.pub >> authorized_keys # for ssh login locally
cat identity.pub >> ~tong.iit/.ssh/authorized_keys # to log onto iitrc
— The user should then append the identity.pub to .ssh/authorized_keys in
his/her home directory on the remote machine
— the authorized_keys file corresponds to the conventional .rhosts file,
and has one key per line, though the lines can be very long.
— After this, the user can log in without giving the password. RSA
authentication is much more secure than rhosts authentication.
"Remote"?
The recommended way to start a shell in a remote machine is
so ssh form iitrc to sunshine will use
tong@iitrc:~/$ xterm -e ssh sunshine &
local machine: iitrc
remote machine: sunshine
Bad file modes
bad ownership or modes for home directory
Symptom
sunshine: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
sunshine: Remote: Rhosts authentication refused for tong: bad ownership or modes for home directory.
sunshine: Server refused our rhosts authentication or host key.
sunshine: No agent.
sunshine: Trying RSA authentication with key 'tong@sunshine'
sunshine: Remote: Bad file modes for /export/home/tong
sunshine: Server refused our key.
sunshine: Doing password authentication.
tong@iitrc's password:
Change
tong@iitrc:~$ dirdir .
drwxrwxr-x 34 tong tong 4608 Sep 27 22:52 ./
tong@iitrc:~$ chmod 755 .
|
!! |
sunshine: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
sunshine: Remote: Accepted by .rhosts.
Bad file modes for /home/tong/.ssh
Symptom
sunshine: Trying RSA authentication with key 'tong@sunshine'
sunshine: Remote: Bad file modes for /home/tong/.ssh
sunshine: Server refused our key.
sunshine: Doing password authentication.
tong@sunshine's password:
Change
tong@sunshine:~$ dirdir .ssh/
drwxrwx--x 2 tong tong 1024 Sep 27 21:18 .ssh//
tong@sunshine:~$ chmod 700 !$
|
|
!! |
sunshine: Trying RSA authentication with key 'tong@sunshine'
sunshine: Received RSA challenge from server.
Enter passphrase for RSA key 'tong@sunshine':
Working Sample
file modes
tong@sunshine:~/.ssh$ dir
total 8
-rwx------ 1 tong tong 1006 Sep 27 21:01 authorized_keys*
-rw------- 1 tong tong 528 Jun 6 21:23 identity
-rw-rw---- 1 tong tong 333 Sep 27 21:03 identity.pub
-rw-rw---- 1 tong tong 1970 May 27 12:58 known_hosts
-rw-rw---- 1 tong tong 984 May 6 21:40 known_hosts.000516
-r-------- 1 tong tong 512 Jun 7 17:44 random_seed
— no problem to login from iitrc to sunshine without password.
the group mod for identity.pub & known_hosts is not important
tong@sunshine:~/.ssh$ chmod 600 *
— still no problem to login from iitrc to sunshine without password.
authorized_keys doesn't need the execution right!
primary authentication
The second (and primary) authentication method is the rhosts or hosts.equiv
method combined with RSA-based host authentication. It means that if the
login would be permitted by .rhosts, .shosts, /etc/hosts.equiv, or
/etc/shosts.equiv, and additionally it can verify the client's host key (see
$HOME/.ssh/known_hosts and /etc/ssh_known_hosts in the FILES section), only
then login is permitted. This authentication method closes security holes
due to IP spoofing, DNS spoofing and routing spoofing. [Note to the
administrator: /etc/hosts.equiv, .rhosts, and the rlogin/rsh protocol in
general, are inherently insecure and should be disabled if security is
desired.]
authorized_keys base
*Tags*: remote authentication
Help
To avoid having to type your password every time for your CVS/SSH developer
account, you may put your public key(s) in your ~/.ssh/authorized_keys file.
To generate a public key, run the program 'ssh-keygen' (or ssh-keygen1). The
public key will be placed at '~/.ssh/identity.pub'.
Ssh implements the RSA authentication protocol automatically. The user
creates his/her RSA key pair by running ssh-keygen(1). This stores the
private key in .ssh/identity and the public key in .ssh/identity.pub in the
user's home directory. The user should then copy the identity.pub to
.ssh/authorized_keys in his/her home directory on the remote machine (the
authorized_keys file corresponds to the conventional .rhosts file, and has
one key per line, though the lines can be very long). After this, the user
can log in without giving the password.
canonical hostname
Newsgroups: comp.programming,comp.security.ssh,comp.security.unix,comp.unix.shell
I'd imagine that ssh would make your life easier since it's designed as
a drop-in replacement for rsh. You wouldn't have to worry about
terminal emulation or require something like expect to automate things.
However, if you don't pass ssh something to do on the command line, it
will log you into an interactive session much the same way rsh falls
back to rlogin.
The downside of using ssh in scripts is that you would need some way to
store the key in memory. This is accomplished using ssh-agent in ssh2.
You'd need to start cron under ssh-agent and enter the passphrase for
your key once. Then any children it spawns will have access to the key
in memory. Creating keys with empty passphrases is another solution,
but this essentially defeats much of the security around ssh. Once
someone gets your private key, they have unrestricted access to any
systems that accepts it.
|
hostbased authentication is deprecated to pass-phrase authentication. |
Here, I'll use the following terms:
-
The Server is the SSH server into which you're trying to
connect.
-
The ServerUser is the username on the Server into which you'd
like to login.
-
The Client is the machine running a SSH client.
-
The ClientUser is the username on the Client that you'd like to
allow to login to the Server as the Server User.
As an example, our backups are done via username "backup" on host
Tapeserv. On our Authserv server, user "root" is trying to connect
to Tapeserv to make Authserv's backups on Tapeserv's tape drive.
This means that the Server is Tapeserv, the ServerUser is backup,
the Client is Authserv, and the ClientUser is "root".
Step 1.
Of course, install SSH on the Server and Client machines.
Step 2 - SSH1.
On the Client, cat the file /etc/ssh_host_key.pub and copy-n-paste
it into Notepad or some other text editor. It will look something
like this:
1024 35 1255908028087833976430... root@authserv
(the actual number will be much longer)
Remove the root@Client from the end and add the Client hostname to
the beginning:
authserv 1024 35 1255908028087833976430...
Then copy-n-paste this single, very long line into Server's
/etc/ssh_known_hosts file.
This gives the Server the Client's public key so the Server can
verify the Client's identity based on a public key signature. By
contrast, rsh only uses the IP address for authentication.
Step 3 - SSH2.
Copy the Client's /etc/ssh2/hostkey.pub file over to the Server and
name it /etc/ssh2/knownhosts/authserv.ssh-dss.pub
Of course, since your host isn't named Authserv, use your own
hostname. Generally, you'll want to use the "short" hostname and not
the fully qualified hostname.
This gives the Server the Client's public key so the Server can
verify the Client's identity based on a public key signature. By
contrast, rsh only uses the IP address for authentication.
Step 4.
On the Server, create a file in the ServerUser's home directory
named ".shosts". The contents of this file should be the Client
hostname, some tabs or spaces, and the ClientUser username.
For example, to allow root@Authserv to log into backup@Tapeserv, I'd
place this .shosts file into backup's home directory on Tapeserv:
Be sure to chown and chmod the .shosts file. The .shosts file must
be owned by the remote user and should be mode 0400.
Step 5 - SSH1.
Make sure that this line exists in /etc/sshd_config:
RhostsRSAAuthentication yes
This enables the SSH1 daemon to do what we need it to do.
For safety, you may also want to verify this line:
This disables the use of rhosts-style authentication without
corresponding public key authentisation.
If you had to modify the sshd_config file, you have to HUP the sshd
to make the change take effect.
Step 6 - SSH2.
Check the file /etc/ssh2/sshd2_config and make sure that
AllowedAuthentications contains the word "hostbased" For example, it
may read:
AllowedAuthentications hostbased,password
If you had to modify the sshd2_config file, you'll have to HUP the
sshd to make the change take effect.
Step 7.
On the Client, log in as the ClientUser and try this:
ssh ServerUser@Server uptime
You should get back the results of "uptime" run on the remote
server.
The first time you run ssh to that particular server, you'll have to
answer "yes" when asked if you want to connect to the server. This
is because the local ssh doesn't yet have the remote server's SSH
public key. This will only hapen the first time.
|
|
the hostbased SSH authentication is not recommended.
Use the rsa public/private key instead. |
*References*: cmd:keychain
documented on: 2007.01.31
Newsgroups: comp.unix.shell
>I've heard a lot about ssh can set DISPLAY variable automatically but
>never saw it happened until I set up ssh server on my linux box. The
>problem was none of the unix box in my univ. worked, including all the
>boxes in our lab that I take care of. I got the message:
>
>Warning: Remote host denied X11 forwarding, perhaps xauth program could not be
>run on the server side.
>
>what could be wrong? How to fix it? I checked that xauth is right there in the
>path.
But is it in the path that ssh has on the remote machine _before_
it spawns your login shell?
Read the manual page for sshd and either set up your
$HOME/.ssh/environment files with PATH settings which
can find xauth, or set up your $HOME/.ssh/rc file to
do the xauth for sshd.
Questions about ssh (xauth)
Sshd reads configuration data from /etc/sshd_config (or the file specified
with -f on the command line). The file contains keyword-value pairs, one
per line. Lines starting with '#' and empty lines are interpreted as
comments.
When a user successfully logs in, sshd does the following:
-
If the login is on a tty, and no command has been
specified, prints last login time and /etc/motd (unless
prevented in the configuration file or by
$HOME/.hushlogin; see the FILES section).
-
If the login is on a tty, records login time.
-
Checks /etc/nologin; if it exists, prints contents and
quits (unless root).
-
Changes to run with normal user privileges.
-
Sets up basic environment.
-
Reads /etc/environment if it exists.
-
Reads $HOME/.ssh/environment if it exists.
-
Changes to user's home directory.
-
If $HOME/.ssh/rc exists, runs it (with the user's
shell); else if /etc/sshrc exists, runs it (with
/bin/sh); otherwise runs xauth. The "rc" files are
given the X11 authentication protocol and cookie in
standard input.
-
Runs user's shell or command.
