
Re: sending through a remote MTA with ssh



On Thu, Feb 16, 2006 at 12:17:21PM -0500, Derek Martin wrote:
> On Thu, Feb 16, 2006 at 09:06:48AM +0000, Chris Green wrote:
> > I use it from a work computer which is secure enough for me to simply
> > set up secure keys and allow passwordless login without using
> > ssh_agent.  Since I stay logged on to my work computer all day using
> > ssh_agent would add nothing in the way of security.
> 
> Presumably by "set up secure keys and allow passwordless login without
> using ssh_agent" you mean you've created keys with no passphrase.
> 
Yes, sorry, that's the one.  It's a while since I did it so I'd
forgotten the details.  .... and I did read all about the security
risks.


> In practical terms, what you say is probably true; but there is a
> difference.  Anyone who could access your computer (either physically,
> or remotely through some exploit) could easily make a copy of your
> key, which is not encrypted.  While an unencrypted copy of your key is
> available in your agent, the "attacker" would require a greater level
> of sophistication to get your key out of the process's memory than
> would be required to copy the file...
>  
If they can get access to my home directories on the computers at work
there are *far* more interesting things to steal than the unencrypted
ssh keys there!  This is why I decided it was 'safe enough'.


> In environments that require a high degree of security, using
> unencrypted keys (keys with no passphrase) is unwise.  Even if you use
> ssh-agent (and hence an unencrypted copy of your key is lying around
> in memory), the extra security you get from using passphrases is
> small, but probably worthwhile.  In such environments though, better
> still to not use ssh-agent...
> 
Yes, if security is a serious issue then unencrypted keys whether in
memory or in a file are probably not a 'good thing'.


> Of course, a compromise of the key you use to access your e-mail
> system is probably not the end of the world, unless it does a whole
> lot more than just send and receive your e-mail...
> 
You have hit the nail well on the head there.

-- 
Chris Green (chris@xxxxxxxxxxx)

    "Never ascribe to malice that which can be explained by incompetence."
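A defender-side check for the risk discussed above (a private key file stored without a passphrase can simply be copied by anyone who reaches the home directory). This is an added example, not code from the thread: it audits a ~/.ssh directory for keys stored in the clear, handling both the legacy PEM format, where only an encrypted key carries a "Proc-Type: 4,ENCRYPTED" header, and the newer openssh-key-v1 format, whose header names the cipher ("none" when the key is unencrypted). The openssh_key_text helper only builds constructed sample input for the parser; it does not produce a usable key.

```python
import base64
import struct
import sys
from pathlib import Path

MAGIC = b"openssh-key-v1\x00"  # fixed prefix of a decoded openssh-key-v1 blob

def _ssh_string(buf, off):
    """Read one length-prefixed (uint32 big-endian) SSH wire string from buf."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n

def key_is_encrypted(text):
    """True if the private key text is passphrase-protected; ValueError if it is not a key."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN ") or "PRIVATE KEY" not in lines[0]:
        raise ValueError("not an SSH private key")
    if lines[0] == "-----BEGIN ENCRYPTED PRIVATE KEY-----":  # PKCS#8 form, always encrypted
        return True
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        body = base64.b64decode("".join(lines[1:-1]))
        if not body.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, _ = _ssh_string(body, len(MAGIC))  # ciphername: "none" means stored in clear
        return cipher != b"none"
    # Legacy PEM (RSA/DSA/EC): only encrypted keys carry a "Proc-Type: 4,ENCRYPTED" header.
    return any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines[1:])

def openssh_key_text(cipher, kdf):
    """Constructed sample only: an openssh-key-v1 file truncated after its cipher/KDF names."""
    body = MAGIC + struct.pack(">I", len(cipher)) + cipher + struct.pack(">I", len(kdf)) + kdf
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(body).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

def find_unprotected_keys(ssh_dir):
    """Paths under ssh_dir that hold private keys with no passphrase; non-key files are skipped."""
    found = []
    for p in sorted(Path(ssh_dir).iterdir()):
        if p.is_file() and p.suffix != ".pub":
            try:
                if not key_is_encrypted(p.read_text(errors="replace")):
                    found.append(p)
            except (ValueError, struct.error):
                pass  # config, known_hosts, authorized_keys, truncated files and the like
    return found

if __name__ == "__main__":
    for path in find_unprotected_keys(sys.argv[1] if len(sys.argv) > 1 else Path.home() / ".ssh"):
        print(f"WARNING: {path} has no passphrase")
```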