LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-18-2016, 12:44 PM   #1
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Rep: Reputation: Disabled
Verifying host authenticity (SSH) after logging in, over then accessible secure serial terminal


Hi,

I find myself in rather interesting situation.
I need to securely login to remote system over SSH, without knowing the fingerprint in advance.
In addition, the fingerprint changes every time the machine is rebooted.
(It's live rescue system, so no persistence there).

I can access the machine over serial port over already trusted connection, but only after I run agetty on the serial port, and to run agetty I need to first login over SSH, which at this point is not yet secure.

My first idea was to:
1) login over SSH accepting whichever fingerprint it was,
2) start agetty on serial port,
3) login over serial port and then verify the fingerprint.

But this scenario, however unlikely, is susceptible to MITM.

Do you have any idea what would be the best way to do it in the above conditions?

Thanks in advance!

--
Best regards,
Andrzej Telszewski
 
Old 11-18-2016, 12:52 PM   #2
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649
As to the first part - If you want to accept the fingerprint you can do this:

Code:
ssh-keyscan -H hostname >> ~/.ssh/known_hosts
ssh hostname

Last edited by szboardstretcher; 11-18-2016 at 12:53 PM.
 
Old 11-18-2016, 01:05 PM   #3
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by szboardstretcher View Post
As to the first part - If you want to accept the fingerprint you can do this:

Code:
ssh-keyscan -H hostname >> ~/.ssh/known_hosts
ssh hostname
That's not a problem, but good to learn another command.

--
Best regards,
Andrzej Telszewski
 
Old 11-20-2016, 05:35 PM   #4
BlackRider
Member
 
Registered: Aug 2011
Posts: 295

Rep: Reputation: 101Reputation: 101
Which live rescue system is it?

If this is really important, you might consider remastering the live system in order to have static fingerprints so you don't have to trust a different set of host keys everytime you connect.

If you are not willing to remaster the system, you can use a gateway system placed in the same network as the live system you want to access. If such network is really secure, you can ssh into the gateway system (accepting its static host keys, that don't change) and then ssh from it into the live system (since the network is supposedly secure, you can accept any fingerprint it offers). The obvious problem is that a network you consider secure might not be so for different reasons.
 
Old 11-20-2016, 05:43 PM   #5
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by BlackRider View Post
Which live rescue system is it?
Something based on Ubuntu 14.04.

Quote:
Originally Posted by BlackRider View Post
If this is really important, you might consider remastering the live system in order to have static fingerprints so you don't have to trust a different set of host keys everytime you connect.

If you are not willing to remaster the system, you can use a gateway system placed in the same network as the live system you want to access. If such network is really secure, you can ssh into the gateway system (accepting its static host keys, that don't change) and then ssh from it into the live system (since the network is supposedly secure, you can accept any fingerprint it offers). The obvious problem is that a network you consider secure might not be so for different reasons.
Unfortunately, I don't have any of the possibilities.
What I described in my initial post, is all I have.

--
Best regards,
Andrzej Telszewski
 
Old 11-23-2016, 02:21 PM   #6
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

It turned out that I can actually push my public key over secure connection.
Then I can connect using public key authentication; still I can't ensure the host key authenticity.

Per SSH Man-in-the-Middle Attack and Public-Key Authentication Method, MITM is not possible, when using pubkey.

So am I safe to connect?

--
Best regards,
Andrzej Telszewski
 
Old 11-26-2016, 08:12 PM   #7
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 5,177

Rep: Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849Reputation: 1849
A possible alternative would be to setup the live rescue system so that when it is booted, it creates a reverse SSH tunnel to your local system. Then you could connect back from your local system to the remote live rescue system.
 
Old 11-27-2016, 04:23 AM   #8
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by allend View Post
A possible alternative would be to setup the live rescue system so that when it is booted, it creates a reverse SSH tunnel to your local system. Then you could connect back from your local system to the remote live rescue system.
I don't have possibility to change the rescue system in any way.

--
Best regards,
Andrzej Telszewski
 
Old 12-06-2016, 07:44 AM   #9
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by atelszewski View Post
It turned out that I can actually push my public key over secure connection.
Then I can connect using public key authentication; still I can't ensure the host key authenticity.

Per SSH Man-in-the-Middle Attack and Public-Key Authentication Method, MITM is not possible, when using pubkey.

So am I safe to connect?
After thinking the matter through, I came to the conclusion that it would be possible to connect securely, but it's actually not possible in my case.

My reasoning was the following:
1. I connect (without knowing server's host key fingerprint) using previously pushed public key.
2. I start agetty on serial port.
3. I login over serial port.
4. I verify the host's key.

If I understand correctly the operation of public key in SSH, in the scenario described above, the attacker would be able to only return junk to me, but he is actually not able to execute commands on the server. He could only pass my genuine commands to the server or nothing at all. So if I was able to start agetty on serial port, it would be secure console.

Unfortunately, using public key, I can only login as regular user into this particular machine and regular user is not able to start agetty.
To start agetty, I have to become root. For that I would have to use sudo and type my password.
And the password could be captured by the attacker.

Bummer.

--
Best regards,
Andrzej Telszewski
 
Old 12-06-2016, 07:54 AM   #10
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175
I don't think that "agetty over a (physical) serial port" can ever be made "secure" in this way.

But even an unencrypted protocol can be secure if it is forced to pass [only] through an [Open]VPN connection that is properly secured using one-of-a-kind certificates. If a daemon (even "telnet") is only listening to the OpenVPN virtual network and is not listening to the "outside," unencrypted communication by that daemon will be secured by the OpenVPN tunnel through which it is forced to pass. (Just be very sure that this is what it's really doing!)

Last edited by sundialsvcs; 12-06-2016 at 08:29 AM.
 
Old 12-06-2016, 08:34 AM   #11
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by sundialsvcs View Post
I don't think that "agetty over a (physical) serial port" can ever be made "secure" in this way.
Why not? I have secure access to the serial port. The only problem is that agetty is not started automatically for it.

Quote:
Originally Posted by sundialsvcs View Post
But even an unencrypted protocol can be secure if it is forced to pass [only] through an [Open]VPN connection that is properly secured using one-of-a-kind certificates. If a daemon (even "telnet") is only listening to the OpenVPN virtual network and is not listening to the "outside," unencrypted communication by that daemon will be secured by the OpenVPN tunnel through which it is forced to pass. (Just be very sure that this is what it's really doing!)
Remember what are my limitations with this particular server ;-/

--
Best regards,
Andrzej Telszewski
 
Old 12-06-2016, 09:10 AM   #12
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175Reputation: 3175
... then why is there not a agetty daemon running against this port all the time, i.e. at boot?
 
Old 12-06-2016, 10:14 AM   #13
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Quote:
Originally Posted by sundialsvcs View Post
... then why is there not a agetty daemon running against this port all the time, i.e. at boot?
That is the way the provider has configured the rescue OS.
I have no influence over that.

--
Best regards,
Andrzej Telszewski
 
Old 01-15-2017, 10:42 AM   #14
atelszewski
Member
 
Registered: Aug 2007
Distribution: Slackware
Posts: 890

Original Poster
Rep: Reputation: Disabled
Hi,

Recapping the situation:
  • I am trying to securely connect to SSH server for which I don't and cannot know the host key fingerprint in advance. The fingerprint changes with every reboot.
  • I can upload my public key to the server over secure channel (by means of server's management website).
  • Based on information found here (SSH Man-in-the-Middle Attack and Public-Key Authentication Method), connecting to unknown SSH server using public key authentication does not allow an attacker (who MITM-s the connection) to execute any commands on the server side. The "only" damage he can cause is to return arbitrary result to the client.

I came up with the following solution.
  • I upload my public key (1) that I'm going to use for login.
  • I upload freshly generated public key (2).
  • I login using key (1).
  • I do cat authorized_keys on the server. If I find key (2) there, I know I'm connected to the the correct system.
My reasoning is that the attacker cannot know key (2) in advance, so even if he knew my strategy, he is not able to produce the cat output I expect.

Does it sound as correct solution?

Thanks in advance!

--
Best regards,
Andrzej Telszewski
 
Old 01-28-2017, 03:11 PM   #15
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,440

Rep: Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701
Quote:
Originally Posted by atelszewski View Post
  • I can upload my public key to the server over secure channel (by means of server's management website).
  • Based on information found here (SSH Man-in-the-Middle Attack and Public-Key Authentication Method), connecting to unknown SSH server using public key authentication does not allow an attacker (who MITM-s the connection) to execute any commands on the server side. The "only" damage he can cause is to return arbitrary result to the client.
Assuming the key upload channel is secure, and that MITM pubkey analysis is correct (I haven't completely digested it yet, but at first glance it looks okay), your solution should prevent getting fooled by a fake server.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] ssh hangs when trying to secure shell to one particular host jjanderson5 Linux - Networking 3 10-21-2016 12:19 PM
Advise on secure remote ssh accessible 24/7 server in home network fritzxy Linux - Security 7 08-10-2014 08:48 PM
ssh: authenticity of host can't be established question opens x dialog joe_2000 Linux Mint 2 05-10-2014 06:09 AM
Is there a way to prevent this message:The authenticity of host can't be established. abefroman Linux - Server 8 11-27-2009 02:52 PM
no ssh logging in /var/log/secure mberd Linux - Security 4 05-27-2009 07:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration