From owner-freebsd-security@FreeBSD.ORG Mon Feb 9 22:48:13 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 82E4F1065678 for ; Mon, 9 Feb 2009 22:48:13 +0000 (UTC) (envelope-from daniel@roe.ch) Received: from calvin.ustdmz.roe.ch (calvin.ustdmz.roe.ch [IPv6:2001:41e0:ff17:face::26]) by mx1.freebsd.org (Postfix) with ESMTP id 88C648FC57 for ; Mon, 9 Feb 2009 22:48:10 +0000 (UTC) (envelope-from daniel@roe.ch) Received: from roe (ssh-from [2001:41e0:ff17:babe::101]) by calvin.ustdmz.roe.ch (envelope-from ) with LOCAL id 1LWev8-000Gua-7p ; Mon, 09 Feb 2009 23:48:06 +0100 Date: Mon, 9 Feb 2009 23:48:06 +0100 From: Daniel Roethlisberger To: Lyndon Nerenberg Message-ID: <20090209224806.GB63675@hobbes.ustdmz.roe.ch> Mail-Followup-To: Lyndon Nerenberg , Jason Stone , freebsd-security@freebsd.org References: <200902090957.27318.mail@maxlor.com> <20090209170550.GA60223@hobbes.ustdmz.roe.ch> <20090209134738.G15166@treehorn.dfmm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Cc: Jason Stone , freebsd-security@freebsd.org Subject: Re: OPIE considered insecure X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2009 22:48:34 -0000 Lyndon Nerenberg 2009-02-09: > >Right, but that's not the problem they're trying to solve. > >They're trying to solve the problem of logging in _from_ an > >untrusted machine, to a trusted machine. > > Okay, I got it backawrds. > > >So, an alternative might be to carry around a USB key with a > >one-time private key, different from your normal private keys, > >and have the public key command-squashed on the server to > >remove itself from authorized_keys before running the shell. > > That's what I do -- multiple throw-away keys on a USB stick, > for emergencies. However if you're that paranoid you better be > carrying around your own set of ssh binaries on that stick as > well. My use case is primarily to log in from highly untrusted and malware infested systems. OPIE has been a usable solution to that problem. I'm primarily worried about keyloggers and USB memory stick content dumpers. OPIE fits that bill quite well. > >You could generate several, each with a different passphrase > >(assuming that you could manage to remember that many > >passphrases and which keys they go with), and get a similar > >effect to printing out a card with the next ten OPIE > >passwords. > > It's not that hard to come up with a scheme that lets you map > from an identifier tagged to the private key to the > corresponding password (in your head). It's a pain at the > start, but once you've used a given scheme for a while it > becomes second nature. > > Akso, note that you can get similar behaviour using K5 with > one-off instances of your principal (e.g. > lyndon.a6d5mps@EXAMPLE.ORG). The advantage here is that there > are no key files involved (but you still want to carry a > trusted kinit binary with you). The downside is that most sites > don't have K5/GSSAPI enabled. And of those that do, a > significant percentage of the implementations still don't to > dynamic realm discovery, therefore you need a pre-existing > arrangement to map your realm to the appropriate KDCs. I prefer OPIE also because it does not need anything fancy on the client side beyond a standard SSH2 client. -- Daniel Roethlisberger http://daniel.roe.ch/