View previous topic :: View next topic |
Author |
Message |
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 8:27 pm Post subject: [SOLVED] ssh keys |
|
|
According to Ramanujan, the goddess Namagiri revealed things to him in dreams...
1) Correct entries for /etc/ssh/ssh_known_hosts surely can be somehow obtained without help from Namagiri ... but how?
I am not looking for the sort of answers I've found on the web (vulnerable to man-in-the-middle, or "ask the admin" -- evidently the admin gets answers from Namagiri).
I found /etc/ssh/ssh_host_ed25519_key.pub and the better web pages lead me to believe ssh-keygen was the answer, but Code: | # ssh-keygen -vlf /etc/ssh/ssh_host_ed25519_key.pub
sshkey_new failed |
2) I'm not happy with ed25519... How do I generate rsa keys with lots of bits? Following https://wiki.gentoo.org/wiki/SSH (with default number of bits) gives Code: | # /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
unknown key type rsa | Moreover, Code: | # ssh-keygen -t rsa
unknown key type rsa |
It's already been a long month...
Last edited by dpaddy on Wed Apr 26, 2017 3:31 pm; edited 3 times in total |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Tue Apr 25, 2017 8:32 pm Post subject: |
|
|
Why are you using that weird command instead of just ssh-keyscan?
The (old, bloated, less secure) RSA keys require OpenSSL, rebuild OpenSSH with the correct use flags for that. |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10587 Location: Somewhere over Atlanta, Georgia
|
Posted: Tue Apr 25, 2017 8:38 pm Post subject: Re: ssh keys |
|
|
dpaddy wrote: | 1) Correct entries for /etc/ssh/ssh_known_hosts surely can be somehow obtained without help from Namagiri ... but how? | Automatically. The first time you connect to a particular host, you'll get a prompt: Code: | The authenticity of host 'secmt-service02 (10.45.17.35)' can't be established.
ECDSA key fingerprint is SHA256:A9cYDID+mc69HZJdBAIJ3exv8pfRS5Rs/G/DYCbLzzA.
Are you sure you want to continue connecting (yes/no)? | Answering "yes" to this prompt populates ~/.ssh/known_hosts with the public key provided during protocol negotiation. Verify the fingerprint to whatever level your security paranoia requires (something above no verification at all).
dpaddy wrote: | 2) I'm not happy with ed25519... How do I generate rsa keys with lots of bits? Following https://wiki.gentoo.org/wiki/SSH (with default number of bits) gives Code: | # /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
unknown key type rsa | Moreover, Code: | # ssh-keygen -t rsa
unknown key type rsa |
| Works here: Code: | $ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/johngrah/.ssh/id_rsa): ^C | Can you provide the output of Code: | sudo equery list -i openssh | please?
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 8:42 pm Post subject: |
|
|
So... how is ssh-keyscan immune to man-in-the middle? Presumably avoiding man-in-the middle requires the conceptual equivalent of:
1) Gaining physical access to the machine whose public ssh host key one desires (not a problem).
2) Typing some command on that machine ... but WHAT command? |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Tue Apr 25, 2017 8:43 pm Post subject: |
|
|
dpaddy wrote: | So... how is ssh-keyscan immune to man-in-the middle? |
It looks up the key fingerprints via DNSSEC, if the sysadmin has bothered to configure their zone file properly. |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10587 Location: Somewhere over Atlanta, Georgia
|
Posted: Tue Apr 25, 2017 8:48 pm Post subject: |
|
|
Ant P. wrote: | ...The (old, bloated, less secure) RSA keys require OpenSSL, rebuild OpenSSH with the correct use flags for that. | You have to work at it not to get RSA support. The correct USE flags default to on.
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 8:49 pm Post subject: |
|
|
Code: | # equery list -i openssh
* Searching for openssh ...
[IP-] [ ] net-misc/openssh-7.3_p1-r7:0
|
Am I correct in believing /etc/ssh/ssh_known_hosts should contain the public keys? |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10587 Location: Somewhere over Atlanta, Georgia
|
Posted: Tue Apr 25, 2017 8:52 pm Post subject: |
|
|
Yep. My openssh USE flags for reference: Code: | ~ $ sudo emerge -1vp openssh
...
[ebuild R ] net-misc/openssh-7.3_p1-r7::gentoo USE="X hpn ldap pam pie ssl -X509 -bindist -debug -kerberos -ldns -libedit (-libressl) -livecd -sctp (-selinux) -skey -ssh1 -static {-test}" 0 KiB
... | - John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 8:52 pm Post subject: |
|
|
I don't mind so much trading age and bloat for security... What is the "new" and "without bloat" alternative which allows me to specify a large number of bits (and what is the relevant package to emerge)? |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10587 Location: Somewhere over Atlanta, Georgia
|
Posted: Tue Apr 25, 2017 9:04 pm Post subject: |
|
|
Elliptic Curve cryptography is alleged with pretty good evidence to achieve a given level of security with fewer bits. See the comparison chart here. So don't freak out that the keys are much shorter. Furthermore, ECC is more complicated in that there's more than just the length to specify. Collectively, these are called the "domain parameters" of a given ECC curve. The parameters include the order of the field on which the curve is calculated, but several other things as well. Also, there are more pifalls with ECC, so it's best to use professionally prepared domain parameters. "ed25519" selects one of those professionally prepared sets, but you don't have the ability to specify the number of bits (it's 256 bits, or, more accurately, over a prime field of order (2**255 - 19).
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 9:17 pm Post subject: |
|
|
The emerge with the new flags fixed things, thanks
At this point I can visit the machines to which I'ld like to be able to ssh -- so as to collect from them what should go into /etc/ssh/ssh_known_hosts (on my machine, not those I'm visiting) -- but what should be in /etc/ssh/ssh_known_hosts on my machine?
Do I collect /ssh_host_rsa_key.pub, or the "key fingerprint" ... would either do? If either would work, would the "key fingerprint" be less secure (why / why not)? |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54097 Location: 56N 3W
|
Posted: Tue Apr 25, 2017 9:35 pm Post subject: |
|
|
dpaddy,
When you generate key pairs, ssh-keygen showns you the key fingerprint.
When you connect to a host, for which you don't have the public key in your known_hosts, ssh shows you the fingerprint for that host.
Verify that both fingerprints are identical. if they are type 'yes' (the full word is required) to add the key to your known_hosts.
The only time you edit known_hosts directly is to delete a key when for some reason, you want tn change a host key.
You compare fingerprints. Everything else just works. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
dpaddy Tux's lil' helper
Joined: 25 Jun 2008 Posts: 142
|
Posted: Tue Apr 25, 2017 9:44 pm Post subject: |
|
|
I infer from Quote: | ... for which you don't have the public key in your known_hosts ... | that the the public key goes in known_hosts, not its fingerprint.
Thanks |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54097 Location: 56N 3W
|
Posted: Tue Apr 25, 2017 9:54 pm Post subject: |
|
|
dpaddy,
Correct. Do a test.
Code: | $ ssh 127.0.0.1
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:EbB2H8j1NeNow9hZfVOGZolpS9ui+bVWxGAfz5yfdvQ.
Are you sure you want to continue connecting (yes/no)? |
Check the fingerprint.
Enter yes
Code: | Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts. |
Complete the login.
Look in Code: | less .ssh/known_hosts | You will have an entry for 127.0.0.1
Other than testing, connect to the loopback interface is not very useful, so you may as well remove that key from known_hosts _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
|