ssh key-exchange - how can the server verify the client?

Posted on 2015-02-23
Last Modified: 2015-03-04
I thought I understood how ssh key exchange works: once a connection is established, the server encrypts messages with the client's public key so only the client can decrypt them.

But what if more than one client has a copy of that private key? Either by design, or if a client system is cloned (or even just renamed), the copy of the key works, so a client cloned for a test environment still has a key to the production server. The "tag" in id_rsa.pub, e.g. "root@myPC", doesn't necessarily relate to "myPC".

A client system checks the fingerprint of the server and will complain if it changes (ssh_config - StrictHostKeyChecking - unless that has been disabled); But can it be set up the other way around, so a key is only usable by a fingerprinted client?
Question by:tfewster

Assisted Solution

by:Oleksiy Gayda
Oleksiy Gayda earned 100 total points
ID: 40626244
The short answer is: there should never exist more than one copy of your private key. The whole point of public key cryptography is to assure authenticity and non-repudiability of communications, based on the fact that a specific private key is unique to a specific client. The easiest way (and, arguably, the only correct way) to fix the predicament you're describing (multiple copies of the private key existing) is to revoke and replace the compromised key. Other than that, your only chance at differentiating systems would be by public IP address (which wouldn't help if both systems are connecting from the same NAT-ed/public IP address).
LVL 33

Expert Comment

by:Dave Howe
ID: 40626252
Not quite how it works. The public key of the server is used to authenticate to the client and also to protect the setup of a symmetric key used to encrypt the rest of the conversation. Over that encrypted channel, the client authenticates using a supported method (password, PKI, Kerberos token, whatever); if that is compromised, then the server won't know it from the genuine user, but that is true of all systems.
LVL 33

Expert Comment

by:Dave Howe
ID: 40626257
In the case where multiple users log into the system as the same account (but with different keys), often it won't even log which key was used. :(

LVL 21

Assisted Solution

Mazdajai earned 50 total points
ID: 40626824
By design. Any client with the private key can have access to any server with the correctly paired public key if there is no passphrase.

You can set up a passphrase in the event that the private key is lost, so only the client with the correct passphrase has access.
LVL 20

Accepted Solution

tfewster earned 0 total points
ID: 40627715
Thanks to all for your comments and insights. To be fair, I didn't set up this environment so the copies of keys lying around aren't my doing, but I need to clean it up and only allow key-pair "trust" relationships where they are truly appropriate.

I think my answer lies in `man sshd`: The section on the authorized_keys file describes the "from" option that can be put in that file on the server, e.g
from="tfewsters_PC.example.net" ssh-rsa AAAAB2...19Q== just_a_tag@example.net

would only allow that key to be used from client "tfewsters_PC.example.net". Wildcards and IP addresses could be used, so I could specify 'from="192.168.1.*"' to say 'If they have the key AND they're on the (e.g. production) subnet, they're trustworthy'.

I did think about iptables, or internal firewalls, but this seems quite simple to administer and I can manage the distribution of the authorized_keys file to a group of servers
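As an added illustration (not code from this thread or from OpenSSH), the Python below approximates how sshd evaluates the from= option described above: entries are comma-separated, `*` and `?` are wildcards, a leading `!` negates, and CIDR notation is matched against the client address. The authorized_keys content, key placeholders and client hostnames are constructed.

```python
import fnmatch
import ipaddress
# Constructed sample authorized_keys content; the key material is a placeholder, not a real key.
AUTHORIZED_KEYS = """\
from="tfewsters_PC.example.net" ssh-rsa AAAAB2PLACEHOLDER19Q== just_a_tag@example.net
from="192.168.1.*,!192.168.1.99" ssh-ed25519 AAAAC3PLACEHOLDER cluster-master
from="10.20.0.0/16" ssh-ed25519 AAAAC3PLACEHOLDER2 deploy
ssh-rsa AAAAB3PLACEHOLDER unrestricted@example.net
"""

def parse_from(line):
    """Split an authorized_keys line into (from= pattern list or None, rest of line)."""
    line = line.strip()
    if not line.startswith('from="'):
        return None, line
    end = line.index('"', 6)
    return line[6:end].split(","), line[end + 1:].strip()

def pattern_matches(pattern, hostname, address):
    """One pattern against the client's resolved hostname and IP address."""
    if "/" in pattern:  # CIDR notation applies to the address only
        try:
            return ipaddress.ip_address(address) in ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
    # '*' and '?' wildcards as in sshd PATTERNS (fnmatch also accepts [..], which sshd does not)
    return fnmatch.fnmatchcase(hostname, pattern) or fnmatch.fnmatchcase(address, pattern)

def from_allows(patterns, hostname, address):
    """A matching negated pattern rejects outright; otherwise any positive match accepts."""
    if patterns is None:
        return True  # no from= option: the key is usable from anywhere
    allowed = False
    for pattern in patterns:
        if pattern.startswith("!"):
            if pattern_matches(pattern[1:], hostname, address):
                return False
        elif pattern_matches(pattern, hostname, address):
            allowed = True
    return allowed

def usable_keys(authorized_keys, hostname, address):
    """Return the comment field of every key a client at (hostname, address) may use."""
    usable = []
    for line in authorized_keys.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        patterns, rest = parse_from(line)
        if from_allows(patterns, hostname, address):
            usable.append(rest.split()[2])  # fields: type, base64 key, comment
    return usable
```

A cloned test box at 192.168.1.99 is left with only the unrestricted key, which is the kind of leftover this check makes visible.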
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 50 total points
ID: 40627852
Yes, that can help a lot. If a given key is associated with a given source IP range, then limiting logins to that range can help prevent abuse. Of course, if you don't need ssh from outside your own IP range, you can lock that down completely using iptables, and then you won't get half of chinanet knocking on the door.... :)
LVL 20

Author Closing Comment

ID: 40644173
Found the solution myself. None of the Expert comments helped toward that, though they confirmed my views so partial points have been awarded.

To clarify my example scenario, I'm not really talking about PCs and end-user clients: if you have a client-server application environment or a server cluster, you may want trust relationships between the servers so e.g. a cluster master can distribute config files to its peers/subordinates. If the Production systems are cloned to set up a Test environment, the keys _should_ be revoked, but that step may be missed.
