[SOLVED] Verifying host authenticity (SSH) after logging in, over then accessible secure serial terminal
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Verifying host authenticity (SSH) after logging in, over then accessible secure serial terminal
Hi,
I find myself in rather interesting situation.
I need to securely login to remote system over SSH, without knowing the fingerprint in advance.
In addition, the fingerprint changes every time the machine is rebooted.
(It's live rescue system, so no persistence there).
I can access the machine over serial port over already trusted connection, but only after I run agetty on the serial port, and to run agetty I need to first login over SSH, which at this point is not yet secure.
My first idea was to:
1) login over SSH accepting whichever fingerprint it was,
2) start agetty on serial port,
3) login over serial port and then verify the fingerprint.
But this scenario, however unlikely, is susceptible to MITM.
Do you have any idea what would be the best way to do it in the above conditions?
If this is really important, you might consider remastering the live system in order to have static fingerprints so you don't have to trust a different set of host keys everytime you connect.
If you are not willing to remaster the system, you can use a gateway system placed in the same network as the live system you want to access. If such network is really secure, you can ssh into the gateway system (accepting its static host keys, that don't change) and then ssh from it into the live system (since the network is supposedly secure, you can accept any fingerprint it offers). The obvious problem is that a network you consider secure might not be so for different reasons.
If this is really important, you might consider remastering the live system in order to have static fingerprints so you don't have to trust a different set of host keys everytime you connect.
If you are not willing to remaster the system, you can use a gateway system placed in the same network as the live system you want to access. If such network is really secure, you can ssh into the gateway system (accepting its static host keys, that don't change) and then ssh from it into the live system (since the network is supposedly secure, you can accept any fingerprint it offers). The obvious problem is that a network you consider secure might not be so for different reasons.
Unfortunately, I don't have any of the possibilities.
What I described in my initial post, is all I have.
It turned out that I can actually push my public key over secure connection.
Then I can connect using public key authentication; still I can't ensure the host key authenticity.
A possible alternative would be to setup the live rescue system so that when it is booted, it creates a reverse SSH tunnel to your local system. Then you could connect back from your local system to the remote live rescue system.
A possible alternative would be to setup the live rescue system so that when it is booted, it creates a reverse SSH tunnel to your local system. Then you could connect back from your local system to the remote live rescue system.
I don't have possibility to change the rescue system in any way.
It turned out that I can actually push my public key over secure connection.
Then I can connect using public key authentication; still I can't ensure the host key authenticity.
After thinking the matter through, I came to the conclusion that it would be possible to connect securely, but it's actually not possible in my case.
My reasoning was the following:
1. I connect (without knowing server's host key fingerprint) using previously pushed public key.
2. I start agetty on serial port.
3. I login over serial port.
4. I verify the host's key.
If I understand correctly the operation of public key in SSH, in the scenario described above, the attacker would be able to only return junk to me, but he is actually not able to execute commands on the server. He could only pass my genuine commands to the server or nothing at all. So if I was able to start agetty on serial port, it would be secure console.
Unfortunately, using public key, I can only login as regular user into this particular machine and regular user is not able to start agetty.
To start agetty, I have to become root. For that I would have to use sudo and type my password.
And the password could be captured by the attacker.
I don't think that "agetty over a (physical) serial port" can ever be made "secure" in this way.
But even an unencrypted protocol can be secure if it is forced to pass [only] through an [Open]VPN connection that is properly secured using one-of-a-kind certificates. If a daemon (even "telnet") is only listening to the OpenVPN virtual network and is not listening to the "outside," unencrypted communication by that daemon will be secured by the OpenVPN tunnel through which it is forced to pass. (Just be very sure that this is what it's really doing!)
Last edited by sundialsvcs; 12-06-2016 at 08:29 AM.
I don't think that "agetty over a (physical) serial port" can ever be made "secure" in this way.
Why not? I have secure access to the serial port. The only problem is that agetty is not started automatically for it.
Quote:
Originally Posted by sundialsvcs
But even an unencrypted protocol can be secure if it is forced to pass [only] through an [Open]VPN connection that is properly secured using one-of-a-kind certificates. If a daemon (even "telnet") is only listening to the OpenVPN virtual network and is not listening to the "outside," unencrypted communication by that daemon will be secured by the OpenVPN tunnel through which it is forced to pass. (Just be very sure that this is what it's really doing!)
Remember what are my limitations with this particular server ;-/
I am trying to securely connect to SSH server for which I don't and cannot know the host key fingerprint in advance. The fingerprint changes with every reboot.
I can upload my public key to the server over secure channel (by means of server's management website).
Based on information found here (SSH Man-in-the-Middle Attack and Public-Key Authentication Method), connecting to unknown SSH server using public key authentication does not allow an attacker (who MITM-s the connection) to execute any commands on the server side. The "only" damage he can cause is to return arbitrary result to the client.
I came up with the following solution.
I upload my public key (1) that I'm going to use for login.
I upload freshly generated public key (2).
I login using key (1).
I do cat authorized_keys on the server. If I find key (2) there, I know I'm connected to the the correct system.
My reasoning is that the attacker cannot know key (2) in advance, so even if he knew my strategy, he is not able to produce the cat output I expect.
I can upload my public key to the server over secure channel (by means of server's management website).
Based on information found here (SSH Man-in-the-Middle Attack and Public-Key Authentication Method), connecting to unknown SSH server using public key authentication does not allow an attacker (who MITM-s the connection) to execute any commands on the server side. The "only" damage he can cause is to return arbitrary result to the client.
Assuming the key upload channel is secure, and that MITM pubkey analysis is correct (I haven't completely digested it yet, but at first glance it looks okay), your solution should prevent getting fooled by a fake server.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.