Comments on: Strengthen Your Private Encrypted SSH Keys https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/ Linux. GNU. Freedom. Sun, 24 Sep 2017 06:23:22 +0000 hourly 1 https://wordpress.org/?v=4.9-alpha-41547 By: Aaron Toponce https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-265189 Wed, 25 May 2016 17:04:34 +0000 http://pthree.org/?p=3138#comment-265189 Requires a login.

]]>
By: Raph https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-265188 Wed, 25 May 2016 16:34:28 +0000 http://pthree.org/?p=3138#comment-265188 See this bug:
https://rt.openssl.org/Ticket/Display.html?id=4077

]]>
By: sepulther https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-229231 Sun, 15 Mar 2015 18:46:21 +0000 http://pthree.org/?p=3138#comment-229231 I like your article here; https://pthree.org/2014/12/08/super-size-the-strength-of-your-openssh-private-keys/

but I'm still not clear how to generate secure keys with ed25519 and PBE-SHA1-3DES

Could you clarify the new processes/methodology as if starting from scratch?

]]>
By: sepulther https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-229230 Sun, 15 Mar 2015 18:38:47 +0000 http://pthree.org/?p=3138#comment-229230 /.ssh# ls
id_ed25519 id_ed25519.pub
/.ssh# mv ~/.ssh/id_ed25519{,.old}
/.ssh# umask 0077
root@folstorn-toolbox:~/.ssh# openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_ed25519.old -out ~/.ssh/id_ed25519
unable to load key
139800028669600:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

Can you provide any suggestions about how I can implement PBE-SHA1-3DES with ed25519?

]]>
By: MValdez https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-220981 Fri, 19 Dec 2014 11:18:58 +0000 http://pthree.org/?p=3138#comment-220981 Dude, put a link to your newer article here (to the one about using Bcrypt and ed25519 in the newest OpenSSH versions).

Regards, MV.

]]>
By: c0ntr1but3 https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-132059 Thu, 27 Feb 2014 23:34:23 +0000 http://pthree.org/?p=3138#comment-132059 Thanks Aaron - nice post. I just wanted to highlight that you've used 3DES and triple DES interchangeably in one of your statements - they're not.

As you quite rightly state later: 3DES encrypts 3 times. Once with each of 3 keys.

In a previous statement however you mention "168 bit triple DES". Triple DES however does 3 passes but only uses TWO keys. First pass with first key, second pass with second key and third pass with... FIRST key 🙁 Don't get me wrong, it's still going to be hard to break but. 3DES will be harder because you have to break 3 x 56bit keys vs 2. Obviously with Triple DES if you crack the 1st key and make your way to breaking the 2nd then you're rewarded with a nice easy re-use of the first.

Keep up the cool posts - your writing style is easy to read!

Cheers

]]>
By: Stewart https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-131133 Wed, 11 Dec 2013 14:59:55 +0000 http://pthree.org/?p=3138#comment-131133 In case anybody's having issues with these hardened keys using Mavericks, I've written a blog-post on how to work around the limitation by rebuilding ssh-add and ssh-agent from source:
http://blogs.wcode.org/2013/12/temporary-work-around-to-allow-using-pkcs8-hardened-ssh-keys-with-mavericks-10-9/

]]>
By: Mikal https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-130361 Fri, 01 Nov 2013 11:45:22 +0000 http://pthree.org/?p=3138#comment-130361 Tripple DES doesn't provide 168 bits of security, because of the meet in the middle attack tripple DES can at best provide 112 bits of security.

http://en.wikipedia.org/wiki/Meet-in-the-middle_attack

]]>
By: Jeff https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-129812 Fri, 11 Oct 2013 21:14:23 +0000 http://pthree.org/?p=3138#comment-129812 FYI, I ran into a problem using a key generated with this process under 10.9 - might be some quirk, it is running OpenSSH 6.2 vs. 5.9 in 10.8. I reverted to the old format for now but will look into it more later.

]]>
By: Greg Grossmeier https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126822 Mon, 17 Jun 2013 17:06:01 +0000 http://pthree.org/?p=3138#comment-126822 Added this to my todo list 🙂

Thanks Aaron.

]]>
By: Aaron Toponce https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126560 Thu, 30 May 2013 03:18:53 +0000 http://pthree.org/?p=3138#comment-126560 demure, yes as mentioned above: ssh-keygen -f ~/.ssh/id_rsa -p

]]>
By: demure https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126557 Wed, 29 May 2013 14:53:09 +0000 http://pthree.org/?p=3138#comment-126557 @victor ssh-agent works fine. I was asking if I were to decide to change the pass phase of the key, can I?

]]>
By: Victor Engmark https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126555 Wed, 29 May 2013 10:05:37 +0000 http://pthree.org/?p=3138#comment-126555 Excellent article! I created a single command to create safe SSH keys; can you tell if it's got any security holes? https://github.com/l0b0/tilde/commit/f2f448935e47bac17eceaa897043c6d7c198c8d0#L0R1745

One possible issue is that the key is stored in unencrypted form until the user is done with encrypting it. Ideally it should be read through a pipe, but I couldn't find a way for ssh-keygen to print the key to stdout.

]]>
By: Victor Engmark https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126554 Wed, 29 May 2013 09:59:31 +0000 http://pthree.org/?p=3138#comment-126554 @Loïc/@demure: You'll need to cache the SSH key before it will succeed. You can either log in again (if you have an encryption key manager like gnome-keyring-daemon), run "eval `ssh-agent` && ssh-add" to add it in the current shell, or use SSH_AUTH_SOCK=0 (see https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/328127).

]]>
By: Loïc https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126550 Tue, 28 May 2013 23:05:28 +0000 http://pthree.org/?p=3138#comment-126550 Thanks. But that’s odd, after retrying, it seems to work well. I think I did something wrong the first time 🙂

]]>
By: Aaron Toponce https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126549 Tue, 28 May 2013 20:20:55 +0000 http://pthree.org/?p=3138#comment-126549 Loic- You can convert back with "ssh-keygen -f ~/.ssh/id_rsa -p", and provide a passphrase.

demure- the same advice for you as above ---^.

]]>
By: demure https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126544 Tue, 28 May 2013 18:01:26 +0000 http://pthree.org/?p=3138#comment-126544 Thanks for sharing. Any idea if it would still be possible to update the passphrase after converting?

]]>
By: Loïc https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126543 Tue, 28 May 2013 17:53:10 +0000 http://pthree.org/?p=3138#comment-126543 Hi Aaron!

Cool post, I tried it, at first it seemed to work ok but now I have the following problem when trying to connect:
“Agent admitted failure to sign using the key.”
So now I can only connect with the password authentication :/
I understand this is an issue with ssh-agent, but when trying to add the new keys, it doesn’t work. It asks for my passphrase and then nothing happens.

]]>
By: Aaron Toponce https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126534 Mon, 27 May 2013 21:50:12 +0000 http://pthree.org/?p=3138#comment-126534 Good point. I'll update the post and the script.

]]>
By: Andreas Olsson https://pthree.org/2013/05/27/strengthen-your-private-encrypted-ssh-keys/#comment-126533 Mon, 27 May 2013 20:10:43 +0000 http://pthree.org/?p=3138#comment-126533 Regarding that script of yours.

Instead of running chmod afterwards, how about instead making sure that there is a proper umask in place beforehand, eliminating that small window of attack?

Not that I expect that distinction to matter much on a desktop system. Yet, when putting something together in a script one might as well make it right.

]]>