Re[2]: [SAGE] The danger of SSH keys..
On Mon, 22 Jan 2007, Dustin Puryear wrote:
> And that last point is what concerns me.
>
> With passwords on servers, *I* control the minimum strength. I can
> require a certain complexity, that one exists, etc. With SSH keys,
> that is difficult if not impossible to do.
>
> So, to me, while SSH keys may set the bar higher initially, I
> ultimately have more control with passwords.
Yep, we push a different set of configs to our locked-down servers that
a) restricts logins to members of a particular group via PAM, and
b) turns off all login services except ssh, and
c) disables key-based auth for the staff who are allowed to log in.
This protects against the threat of passwordless keys plus an
escalation-of-privilege type attack where the attacker puts her own
key into another user's authorized_keys file.
--
- Eric Sorenson - N37 17.255 W121 55.738 - http://ahpook.vox.com/ -
- Personal colo with a professional touch - http://www.explosive.net -
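The locked-down configuration described in the reply (logins limited to one group through PAM, key-based auth off) can be audited against the effective sshd settings. The script below is an added example, not Eric's config push; it reads `sshd -T` style output and checks it against that policy. The staff group name `sshusers` and the two sample outputs are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit "sshd -T" output against the locked-down policy.
# Assumption: staff who may log in are members of the group "sshusers".
REQUIRED_GROUP="sshusers"

# check_sshd_policy reads "sshd -T" style output on stdin, prints one line
# per finding, and returns 0 only when every setting matches the policy.
check_sshd_policy() {
    rc=0
    config=$(cat)
    # Key-based auth off: a key planted in someone's authorized_keys is useless.
    if ! printf '%s\n' "$config" | grep -qi '^pubkeyauthentication no$'; then
        echo "FAIL: pubkeyauthentication is not 'no'"; rc=1
    fi
    # PAM on: the group restriction enforced through PAM is actually consulted.
    if ! printf '%s\n' "$config" | grep -qi '^usepam yes$'; then
        echo "FAIL: usepam is not 'yes'"; rc=1
    fi
    # Belt and braces: sshd's own AllowGroups should also name the staff group.
    if ! printf '%s\n' "$config" | grep -qiE "^allowgroups( [^ ]+)* $REQUIRED_GROUP( |\$)"; then
        echo "FAIL: allowgroups does not include $REQUIRED_GROUP"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: sshd matches locked-down policy"
    return "$rc"
}

# Constructed sample: what a locked-down host should report.
LOCKED_DOWN='port 22
usepam yes
pubkeyauthentication no
passwordauthentication yes
allowgroups sshusers'

# Constructed sample: a host on the default config, still accepting keys.
DEFAULT_HOST='port 22
usepam yes
pubkeyauthentication yes
passwordauthentication yes'

printf '%s\n' "$LOCKED_DOWN" | check_sshd_policy
printf '%s\n' "$DEFAULT_HOST" | check_sshd_policy || echo "(push the locked-down config to this host)"
```

On a real host, run `sshd -T | check_sshd_policy` as root to audit the live daemon rather than the samples.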