bash Cookbook by Carl Albing JP Vossen and Cameron Newham
Author: Carl Albing, JP Vossen, and Cameron Newham
Language: eng
Format: mobi
Tags: COMPUTERS / Operating Systems / UNIX
ISBN: 9780596158477
Publisher: O’Reilly Media
Published: 2008-12-17T05:00:00+00:00
keychain is a clever, well-written and well-commented shell script that automates and manages the otherwise tedious process of exporting those environment variables we discussed above into other sessions. It also makes them available to scripts and cron. But you’re probably saying to yourself, wait a second here, you want me to leave all my keys in this thing forever, until the machine reboots? Well, yes, but it’s not as bad as it sounds.
First of all, you can always kill it, though that will also prevent scripts or cron from using it. Second, there is a --clear option that flushes cached keys when you log in. Sound backward? It actually makes sense. Here are the details, from keychain’s author (first published by IBM developerWorks at http://www.ibm.com/developerworks/, see http://www.ibm.com/developerworks/linux/library/l-keyc2/):
I explained that using unencrypted private keys is a dangerous practice, because it allows someone to steal your private key and use it to log in to your remote accounts from any other system without supplying a password. Well, while keychain isn’t vulnerable to this kind of abuse (as long as you use encrypted private keys, that is), there is a potentially exploitable weakness directly related to the fact that keychain makes it so easy to “hook in” to a long-running ssh-agent process. What would happen, I thought, if some intruder were somehow able to figure out my password or pass-phrase and log into my local system? If they were somehow able to log in under my username, keychain would grant them instant access to my decrypted private keys, making it a no-brainer for them to access my other accounts.
Now, before I continue, let’s put this security threat in perspective. If some malicious user were somehow able to log in as me, keychain would indeed allow them to access my remote accounts. Yet, even so, it would be very difficult for the intruder to steal my decrypted private keys since they are still encrypted on disk. Also, gaining access to my private keys would require a user to actually log in as me, not just read files in my directory. So, abusing ssh-agent would be a much more difficult task than simply stealing an unencrypted private key, which only requires that an intruder somehow gain access to my files in ~/.ssh, whether logged in as me or not. Nevertheless, if an intruder were successfully able to log in as me, they could do quite a bit of additional damage by using my decrypted private keys. So, if you happen to be using keychain on a server that you don’t log into very often or don’t actively monitor for security breaches, then consider using the --clear option to provide an additional layer of security.
The --clear option allows you to tell keychain to assume that every new login to your account should be considered a potential security breach until proven otherwise. When you start keychain with the --clear option, keychain immediately flushes all your private keys from ssh-agent’s cache when you log in, before performing its normal duties.
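The two sides of --clear, as an added example that is not from the book or from keychain's author: the login side flushes and re-adds keys, and the cron side checks the agent before using ssh, because after a flush (or a killed agent) a job should fail cleanly instead of prompting. The key name id_rsa, the function names and the SSH_ADD override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names, SSH_ADD and the key name id_rsa are hypothetical.

# Login side (call from ~/.bash_profile): flush cached keys first, then re-add
# the key, which prompts for the passphrase. Not called automatically here.
login_setup() {
    keychain --clear id_rsa
    . "$HOME/.keychain/${HOSTNAME:-$(uname -n)}-sh"
}

# Source the agent variables keychain wrote; $1 overrides the default file.
load_keychain_env() {
    envfile=${1:-$HOME/.keychain/${HOSTNAME:-$(uname -n)}-sh}
    [ -r "$envfile" ] || return 1
    . "$envfile"
}

# Map "ssh-add -l" exit status to a state:
#   0 = keys loaded, 1 = agent reachable but empty, anything else = no agent.
agent_state() {
    rc=0
    "${SSH_ADD:-ssh-add}" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Cron side: return 0 only when ssh can run without a passphrase prompt.
cron_ssh_ready() {
    load_keychain_env "$1" || { echo "no keychain env file" >&2; return 3; }
    case $(agent_state) in
        loaded) return 0 ;;
        empty)  echo "agent has no keys (flushed by --clear?); log in to re-add" >&2
                return 1 ;;
        *)      echo "agent not reachable (killed or machine rebooted)" >&2
                return 2 ;;
    esac
}

# In a cron script (BatchMode stops ssh from ever prompting):
#   cron_ssh_ready && ssh -o BatchMode=yes backup@host.example 'uptime'
```

A non-zero return from cron_ssh_ready on a host nobody has logged in to since the last flush is the expected result of --clear, not a fault in the job.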
