@google hope you enjoyed reading this, It had nothing to do with you! sent from my HTC. On Sep 30, 2013 6:23 PM, "Paul Smith" <<a href="mailto:paul@mad-scientist.net">paul@mad-scientist.net</a>> wrote: > > On Mon, 2013-09-30 at 12:48 -0400, Hal Burgiss wrote: > > > > On Mon, Sep 30, 2013 at 12:14 PM, Paul Smith <<a href="mailto:paul@mad-scientist.net">paul@mad-scientist.net</a>> wrote: > > On Mon, 2013-09-30 at 17:06 +0100, Colin Law wrote: > > > On 30 September 2013 16:55, Kent Borg <<a href="mailto:kentborg@borg.org">kentborg@borg.org</a>> wrote: > > > > On 09/29/2013 10:48 AM, Hal Burgiss wrote: > > > > On Sat, Sep 28, 2013 at 2:17 PM, Kent Borg <<a href="mailto:kentborg@borg.org">kentborg@borg.org</a>> wrote: > > > >> Yes, private keys are encrypted--if you encrypt them. So if someone has > > > >> your private key, they still need to break any encryption. > > > > > > > > Huh? > > > > > > > > You sound confused. What part don't you get? > > > > > > If someone has your private key then they have your private key. > > > There is no encryption that they need to break. > > > I'm sure that Kent is assuming that you've added a passphrase to your > > private key; anyone who cares about the security of their private key > > will certainly do this. > > > > If the key has a passphrase then just having the key file won't help, > > you also must have, or be able to guess, the passphrase. > > > > That's a passphrase, unrelated to "encryption". All ssh keys (public > > and private) are *encrypted* when they are created using dsa, rsa, > > and probably other options as well. The man page seems to make this > > perfectly clear. If for some reason, you add any additional encryption > > (which is how I am understanding Kent's comment), then they would not > > be usable as-is by sshd. > > I don't understand the distinction you're trying to make here, and I > don't think I agree with your terminology. > > A (passphrase-less) private key is not "encrypted". A private key is, > basically, a mathematical value which can be fed into a deterministic > algorithm. It is used to perform encryption and decryption, but it, > itself, is not encrypted. It can be considered to be "encoded", since > the binary value is translated into a long string of hex digits for > convenient storage and distribution, but it's not encrypted since it can > be used directly without needing to be combined with any other > information. > > A private key file with a passphrase is encrypted: getting a copy of the > key file alone won't let you use it. The contents of the file must be > processed with the passphrase as input in order to change it back into a > usable file. Just like any other encrypted file. > > > And passphrases completely break unattended processes that some of us > > need to do (ie for system to system backups, etc). > > Of course there are many uses for passphrase-less keys. They provide a > convenience of unattended remote access, with at least some amount of > security. They're equivalent, authentication-wise, to writing a script > containing the password needed to log in remotely, only ssh/scp are far > more convenient than telnet/ftp (and they encrypt traffic, but that's > not an authentication feature). > > However one should not imagine that those are any more secure than your > local disk. I create different keys for this kind of access and I'd > NEVER use those for any other purpose. All the keys I use for > interactive access to other servers always have a strong passphrase. > > > In fact, sshd creates system passphraseless public/private key pairs > > during installation in /etc/ssh. These are courtesy of Ubuntu and ssh > > maintainers. > > Those are host keys. They have a completely different purpose: they're > there to avoid man-in-the-middle attacks (to prove that the server > you're talking to is the one that you think it is). Only the SSH daemon > needs to read those private keys so they're owned by, and readable only > by, root on the server. If an attacker can read those key files then > they already have root access to the server and you've already lost. > > You should never use host keys as normal public/private keys for user > accounts, not even root. > > > Cheers! > > > -- > ubuntu-users mailing list > <a href="mailto:ubuntu-users@lists.ubuntu.com">ubuntu-users@lists.ubuntu.com</a> > Modify settings or unsubscribe at: <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-users">https://lists.ubuntu.com/mailman/listinfo/ubuntu-users</a> Thanks for you clarity! I've been following this thread with interest, as I am currently setting up a home media server, and I was thinking (tentatively) of allowing remote access from selected locations, and I was getting a bit jargon hazed! Pete s