Comment by graemep
8 hours ago
You should encrypt your ssh keys anyway, and you should encrypt anything sensitive you are backing up to a cloud.
8 hours ago
You should encrypt your ssh keys anyway, and you should encrypt anything sensitive you are backing up to a cloud.
Private keys should never leave the device where they are created.
So no backups?
Correct. Private keys should never be backed up. Instead, should you need a backup, you should create a distinct key for that purpose.
3 replies →
You can have backup private keys, they don't have to be copies of some other private keys.
Actually, you shouldn’t. You probably use an easy-to-remember password on SSH keys since you have to type them often, but that also means you’re storing one of your (let’s face it, the primary) password you have in a single file, readable to every executable your run under your account. And that means you’re one exfil away from not only getting your SSH keys compromised, but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.
> You probably use an easy-to-remember password on SSH keys since you have to type them often
No, use ssh-agent and decrypt once per boot.
> Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.
Granted, I agree with this, too.
> but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
Do the OpenSSH authors not know about PKBDF2 or similar?