← Back to context

Comment by graemep

11 days ago

You should encrypt your ssh keys anyway, and you should encrypt anything sensitive you are backing up to a cloud.

15 comments

graemep

Reply
9dev  11 days ago

Actually, you shouldn’t. You probably use an easy-to-remember password on SSH keys since you have to type them often, but that also means you’re storing one of your (let’s face it, the primary) password you have in a single file, readable to every executable your run under your account. And that means you’re one exfil away from not only getting your SSH keys compromised, but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.

Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.

  • yjftsjthsd-h  11 days ago

    > You probably use an easy-to-remember password on SSH keys since you have to type them often

    No, use ssh-agent and decrypt once per boot.

    > Instead, set up SSH certificates, MFA, Yubikey, or TPM/Enclave storage for your private keys.

    Granted, I agree with this, too.

  • bityard  11 days ago

    > but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.

    Do the OpenSSH authors not know about PKBDF2 or similar?

    • degamad  11 days ago

      How does PBKDF2 prevent an offline decryption attack with unlimited attempts?

      All it does is slow down the attempts, but for the average person's easy-to-remember password, it's probably increasing the effort from milliseconds to a few days.

    • wafflemaker  10 days ago

      I always aimed for 15+ letter passwords and set at least 100 rounds of the key function? (The -a flag) when generating password protected ssh keys.