

Ask HN: Is sharing .ssh/authorized_keys a security issue? - kator

I noticed a .ssh/authorized_keys in a github dotfiles collection recently and wondered if people think this is dangerous?
======
patio11
If that account had id_rsa in it then I'd send them a courtesy email, since
that is a private key, but otherwise publishing your public keys is not
worrisome.

Consider the threat environment: I have a laptop with a private/public key
pair that gets me my main login on all services I run. It is possible that
Server #1 can get compromised, immediately compromising the public key on it.
I do not desire Server #2 to get compromised. No problem -- with only the
public key, they can't compute my private key. Also, when I authenticate with
them, I don't have to divulge my private key -- we can play a little game over
the wire and my system provides an answer which would have been
computationally unfeasible to calculate without having my private key handy.

There might be some minor data leakage if you name your keys something
descriptive. Mine are typically no more sensitive than email addresses.

------
ProblemFactory
The .ssh/authorized_keys contains _public_ keys. Technically, these can be
completely public, as it is infeasible to compute the corresponding private
key to get access. However, keeping it secret may be useful, in case a hacker
compromises another computer that you own with private keys on it.

If the authorized_keys file is published, they immediately know which private
keys are useful for remote logins.

If the authorized_keys file contains source-machine names and usernames in the
comment, it gives the hackers a list of your other machines to attempt
compromising to obtain the private keys.

If the authorized_keys file uses from="address" restrictions, publishing it
gives the hackers a list of allowed source networks for remote logins. If they
try to log in with the correct private key from the wrong network, they are
denied access (and may assume the key is invalid).

In summary, it's technically not a security risk, but there is no reason to
publish it and make life easier for hackers if they do happen to stumble on
one of your private keys.

------
kator
My gut tells me this is TMI for whomever might want to hack a site. Just
knowing what keys are allowed to ssh w/o a password seems like a great target.

Not sure what others think?

~~~
chilton
Under normal circumstances it should be impossible to generate the private key
that corresponds to public key. This is because a public key is mathematically
derived from it's private key in a way that both forces a brute force test of
the entire key domain as the only attack and requires that the each individual
test is expensive. In general sharing public keys should be safe. There are be
exceptions: If the key generator is somehow flawed the brute force search can
be narrowed. Also, the rate you can test is constantly increasing so in 1995
512 bit RSA keys were "safe" but I wouldn't trust them now. A realistic
attacker probably isn't going to attack the public key but if the key was
generated by "rob@example.com" he may try attacks against publicly visible
machines in example.com to obtain the correct private key. That's probably the
worst case scenario and it also may not bear fruit. Don't forget that you can
put a pass phrase on your private key to enhance your own security.

