Hacker News new | comments | show | ask | jobs | submit login

Good article overall, but there is one major problem with the section on public-key auth; it's rarely a good idea to use blank pass phrases on your private keys, for two good reasons:

1. The security implications. Without a passphrase, anyone who manages to snare a copy of your private key can use it to access any servers where you've authorized it with no further credentials needed. Not good. Using a passphrase turns SSH auth into a poor man's two factor system: what you have (the key file), and what you know (the passphrase).

2. It breaks agent-forwarding, which is the system that gives you the ability to SSH onwards from the remote machine to other machines without (again) being asked for your password. This has practical implications when using SSH to drive things like application deployment over git, when you have to ssh onward from the server to your git repository. Doing things this way sidesteps the awkward use of deploy keys, and is actually easier to set up and use as well as being more secure. With agent forwarding, there's no need to keep your private key anywhere except your 'home' machine, and yet you get the same benefits your would if you had it everywhere.

The annoyance of having to type in your passphrase every time is greatly lessened by the use of a key agent on your 'home' machine. OS X has provided a key agent since 10.5 I believe, and stores the passphrase in your Keychain (you know you're doing things right if an OS X dialog box prompts you for your passphrase when running SSH in the terminal). Gnome has one built in as well, and ssh-agent is always around for people who want to roll their own.

If there's interest, I'll write up a blog post about how to get this stuff set up. It's not really easily discoverable stuff, but it _is_ really simple and useful once you get it up and running.

If you are going to go the terminal way with ssh-agent I highly recommend using keychain (http://www.funtoo.org/en/security/keychain/intro/ ) which is quite easy to setup and use, and much easier than having to do ssh-add and so on every time you want to use a specific key.

There also exists the ControlMaster configuration option which treats multiple sessions to the same host as a single connection. With this enabled, you only have to enter your SSH passphrase once per host. Aside from the convenience of not having to repeatedly enter your passphrase, subsequent sessions are initiated much faster (due to not having to renegotiate) and there is (theoretically) less strain put on your network adapter. Note, however, that if there are no active sessions to a host, the connection to that host will be dropped, and you will have to re-enter your passphrase upon reconnection. See the ControlPersist option for dealing with connection persistence.

If you're like me, however, you'll use both keychain and ControlMaster (for the increased negotiation speed) :)

Keychain is the best. It also works with gpg-agent, if you're old and cranky enough to still think gpg is worth using.

I didn't realize I was old and cranky...

I've been using gpg-agent with a smartcard for ssh authentication for the past six months or so. It's the way, the truth, and the light.

Real two-factor authentication. The key can't be compromised without trying to physically take apart the chip on the card and somehow access the internals. Three wrong password attempts and the thing locks. Three wrong attempts with the admin unlock code and the card self-destructs. So even if I lose the card or someone jacks it, it can't be brute forced.

(Yes I don't need that level of security, and I'm not even being paranoid; it's just neat. Makes me feel like James Bond or Batman or some shit like that every time I ssh somewhere. Yes I'm that lame... )

And since it's still using a standard RSA key for ssh authentication, I don't need to install anything special like experimental pam modules, on the host machines. Just copy the public key into authorized_keys. That's nice since I don't have full admin rights on a lot of my host machines.

Sounds interesting? Got a reference? Thanks.

There is a howto on the gnupg site, but frankly it's a little out of date. It focuses enough on hardware to scare people away, but these days most readers are libccid compatible, so it's a non issue. Setup is actually pretty simple.

Basically you either get a card and reader:


Or get an all-in-one cryptostick:


And setup your gpg keys on there, either by generating them directly on the card or transferring existing keys. These are simple commands documented elsewhere. In addition to the normal signing and encryption keys, you also generate an authentication key.

Then 'ssh-add -L' will spit out your public key in ssh format to copy on the host machines as usual.

After that you just make sure that you'll use gpg-agent instead of ssh-agent. The man page for gpg-agent shows you what you'll want to add to .bashrc.

Then when you ssh into a machine, gpg-agent will take over, pop up a little dialog called pinentry, you enter your code, and you're good. When you go to lunch, remove card, and ssh authentication with that key no longer works.

What kind of smartcard are you using?

I would definitely be interested in learning more about this stuff from a blog post.

Me too.

Ironically, GitHub warns against using unprotected private keys in their setup guide:


Your mention of Gnome's built in key-ring is rather interesting. I just setup keys on my desktop for my work servers and was met with a foreign prompt for this key. I was startled and unclear about what to do, until I did some digging around. I'm sure an article would be appreciated!

It breaks agent-forwarding

How does it break agent forwarding?

I haven't tried but don't see why that should require a password on the private key.

The key is in the name: agent-forwarding. ssh doesn't pass the key itself through to onward connections, it passes a connection to your local ssh-agent instead.

ssh (the command) can access the material in your private keys in one of two ways, either by direct file access itself (in which case it will always ask you for a passphrase if there is one protecting the key in question), or else via an intermediating ssh-agent process. Roughly speaking, ssh does something like the following when looking for key material:

  if private key file exists and has no passphrase on it
     use it directly (and implicitly do not forward the agent)
  else if ssh-agent is running
     ask the agent for the key (and forward the agent)
     ask the user for a passphrase ourselves (and implicitly do not forward the agent)
The end result of all this is that if you have an unprotected key, ssh doesn't talk to your local agent at all, and so obviously can't forward it.

Cheers for pointing that out.

I haven't taken the time to figure out key agent -- for shame! -- although I would be interested in a write-up.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact