All of lore.kernel.org
 help / color / mirror / Atom feed
* [dm-crypt] Remote unlock security
@ 2010-12-20 19:05 David Jacquet
  2010-12-21  5:27 ` Arno Wagner
  0 siblings, 1 reply; 5+ messages in thread
From: David Jacquet @ 2010-12-20 19:05 UTC (permalink / raw)
  To: dm-crypt

[-- Attachment #1: Type: text/plain, Size: 973 bytes --]

Hi,

I am trying to configure my server to be able to be unlocked via ssh and
dropbear. From the README.gz
I understand that I can issue the command:

ssh -o "UserKnownHostsFile=~/.ssh/known_hosts.initramfs" \
-i "~/id_rsa.initramfs" root@initramfshost.example.com \
"echo -ne \"secret\" >/lib/cryptsetup/passfifo"

What exactly will happen with the "secret" string? Will it be written to an
unprotected part of a hard drive. If so
it may be retrieved by a careful investigation of that drive. From my non
expert and humble opinion, a key (as
the "secret") should only be stored on RAM (and erased even from the RAM as
soon as possible).

Even if only stored in the RAM, I guess that the "secret" string will be
stored in the .bash_history file on the
computer from which the ssh-command was issued. I guess it is more
recommended to log into the remote
computer and then issue ( cat > /lib/cryptsetup/passfifo --> "secret" -->
CTRL+D, will that work?)

Best Regards
David

[-- Attachment #2: Type: text/html, Size: 1573 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [dm-crypt] Remote unlock security
  2010-12-20 19:05 [dm-crypt] Remote unlock security David Jacquet
@ 2010-12-21  5:27 ` Arno Wagner
  2010-12-21  6:04   ` epvdm
  0 siblings, 1 reply; 5+ messages in thread
From: Arno Wagner @ 2010-12-21  5:27 UTC (permalink / raw)
  To: dm-crypt


Hi David,
On Mon, Dec 20, 2010 at 08:05:25PM +0100, David Jacquet wrote:
> Hi,
> 
> I am trying to configure my server to be able to be unlocked via ssh and
> dropbear. From the README.gz
> I understand that I can issue the command:
> 
> ssh -o "UserKnownHostsFile=~/.ssh/known_hosts.initramfs" \
> -i "~/id_rsa.initramfs" root@initramfshost.example.com \
> "echo -ne \"secret\" >/lib/cryptsetup/passfifo"
> 
> What exactly will happen with the "secret" string? Will it be written to an
> unprotected part of a hard drive. 

I do not understand what "passfifo" is suppoded to do, you 
should probably do something like this instead:

ssh "cat <file-with-secret> | cryptsetyp --key-file - <other options>"

> If so
> it may be retrieved by a careful investigation of that drive. From my non
> expert and humble opinion, a key (as
> the "secret") should only be stored on RAM (and erased even from the RAM as
> soon as possible).

Indeed. However "as soon as possible" is on device removal from
LUKS/dm-crypt control.
 
> Even if only stored in the RAM, I guess that the "secret" string will be
> stored in the .bash_history file on the
> computer from which the ssh-command was issued. 

Therefore never show it to bash.

> I guess it is more
> recommended to log into the remote
> computer and then issue ( cat > /lib/cryptsetup/passfifo --> "secret" -->
> CTRL+D, will that work?)

Still don't get what "passfifo" is for. Is this some contruction
like this?

  mkfifo passfifo
  cryptsetup --key-file passfifo

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [dm-crypt] Remote unlock security
  2010-12-21  5:27 ` Arno Wagner
@ 2010-12-21  6:04   ` epvdm
  2010-12-21  9:27     ` David Jacquet
  0 siblings, 1 reply; 5+ messages in thread
From: epvdm @ 2010-12-21  6:04 UTC (permalink / raw)
  To: dm-crypt

On Tue, Dec 21, 2010 at 06:27:41AM +0100, Arno Wagner wrote:
> 
> Hi David,
> On Mon, Dec 20, 2010 at 08:05:25PM +0100, David Jacquet wrote:
> > Hi,
> > 
> > I am trying to configure my server to be able to be unlocked via ssh and
> > dropbear. From the README.gz
> > I understand that I can issue the command:
> > 
> > ssh -o "UserKnownHostsFile=~/.ssh/known_hosts.initramfs" \
> > -i "~/id_rsa.initramfs" root@initramfshost.example.com \
> > "echo -ne \"secret\" >/lib/cryptsetup/passfifo"
> > 
> > What exactly will happen with the "secret" string? Will it be written to an
> > unprotected part of a hard drive. 
> 
> I do not understand what "passfifo" is suppoded to do, you 
> should probably do something like this instead:
> 
> ssh "cat <file-with-secret> | cryptsetyp --key-file - <other options>"
> 
> > If so
> > it may be retrieved by a careful investigation of that drive. From my non
> > expert and humble opinion, a key (as
> > the "secret") should only be stored on RAM (and erased even from the RAM as
> > soon as possible).
> 
> Indeed. However "as soon as possible" is on device removal from
> LUKS/dm-crypt control.
>  
> > Even if only stored in the RAM, I guess that the "secret" string will be
> > stored in the .bash_history file on the
> > computer from which the ssh-command was issued. 
> 
> Therefore never show it to bash.
> 
> > I guess it is more
> > recommended to log into the remote
> > computer and then issue ( cat > /lib/cryptsetup/passfifo --> "secret" -->
> > CTRL+D, will that work?)
> 
> Still don't get what "passfifo" is for. Is this some contruction
> like this?
> 
>   mkfifo passfifo
>   cryptsetup --key-file passfifo
> 
> Arno


apparently in some linux distributions the initrd cryptdisk setup reads the
password from a fifo. 

regardless when setting up something like this, it's important to realize that
if you care about the actual security of the data and your passphrase, this is
not a safe arrangement unless you can independently confirm that the machine
you're trying to unlock hasn't been tampered with. For instance, an attacker
could modify the (unencrypted) initramfs to save whatever passphrase you type
remotely. 

Of course if you just use encrypted disks for convenience, e.g., so you don't
have to worry about scrubbing them before discarding old equipment, it doesn't
matter. 

eric

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [dm-crypt] Remote unlock security
  2010-12-21  6:04   ` epvdm
@ 2010-12-21  9:27     ` David Jacquet
  2010-12-21 13:02       ` Jonas Meurer
  0 siblings, 1 reply; 5+ messages in thread
From: David Jacquet @ 2010-12-21  9:27 UTC (permalink / raw)
  To: dm-crypt

[-- Attachment #1: Type: text/plain, Size: 1014 bytes --]

Hi,

thanks for clears answers. Some thoughts: first of all it is great that the
"secret"
string is not written temporarily to a disc, that was my primary concern.
Therefore I think
that the added insecurity in this case comes from the computer being stored
remotely,
not unlocked remotely. I don't see why the computer couldn't be tampered (by
hardware
or software methods) with even if it was unlock by classic means: human on
site
entering secret key.

As for the method passfifo itself, I do not exactly know what is happening.
I am running
Ubuntu server 10.04, and there is some partly binary, partly text, script
file called

 /lib/cryptsetup/askpass

which I _guess_ is constructed for the sole purpose of remote ssh unlock,
but I am having
difficulties getting any documentation on this file. With the Ubuntu Plymoth
startup it seems
non trivial actually getting this to work (there are some bug on this on
launchpad), but I wanted
to find out the security issues before trying the actual solution.

David

[-- Attachment #2: Type: text/html, Size: 1269 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [dm-crypt] Remote unlock security
  2010-12-21  9:27     ` David Jacquet
@ 2010-12-21 13:02       ` Jonas Meurer
  0 siblings, 0 replies; 5+ messages in thread
From: Jonas Meurer @ 2010-12-21 13:02 UTC (permalink / raw)
  To: dm-crypt

[-- Attachment #1: Type: text/plain, Size: 1452 bytes --]

Hey David,

On 21/12/2010 David Jacquet wrote:
> thanks for clears answers. Some thoughts: first of all it is great that the
> "secret"
> string is not written temporarily to a disc, that was my primary concern.
> Therefore I think
> that the added insecurity in this case comes from the computer being stored
> remotely,
> not unlocked remotely. I don't see why the computer couldn't be tampered (by
> hardware
> or software methods) with even if it was unlock by classic means: human on
> site
> entering secret key.
> 
> As for the method passfifo itself, I do not exactly know what is happening.
> I am running
> Ubuntu server 10.04, and there is some partly binary, partly text, script
> file called
> 
>  /lib/cryptsetup/askpass
> 
> which I _guess_ is constructed for the sole purpose of remote ssh unlock,
> but I am having
> difficulties getting any documentation on this file. With the Ubuntu Plymoth
> startup it seems
> non trivial actually getting this to work (there are some bug on this on
> launchpad), but I wanted
> to find out the security issues before trying the actual solution.

askpass is a helper utility, intended to be used for passphrase
prompting in the initramfs script. usplash and splashy support, the fifo
file you're talking about, and console passphrase prompt are the main
features of this utility.
it's shipped with the debian and ubuntu cryptsetup package.

greetings,
 jonas

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2010-12-21 13:35 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-12-20 19:05 [dm-crypt] Remote unlock security David Jacquet
2010-12-21  5:27 ` Arno Wagner
2010-12-21  6:04   ` epvdm
2010-12-21  9:27     ` David Jacquet
2010-12-21 13:02       ` Jonas Meurer

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.