Laurie: Improving SSL certificate security

Posted Apr 10, 2011 21:51 UTC (Sun) by djao (guest, #4263)
In reply to: Laurie: Improving SSL certificate security by dmag
Parent article: Laurie: Improving SSL certificate security

Agreed, but why? I claim it has nothing to do with the "security model" per se (other than it's not *too* annoying), and more to do with having a killer feature that Telnet doesn't have: The ability to log in without a password prompt.

I disagree in the strongest possible terms. It takes a relatively advanced user to configure passwordless authentication. Novice users see no point in this feature, since you have to type in a passphrase anyway, and they have no conceptual model capable of distinguishing passphrases from passwords; neither do they appreciate the benefits of multitasking by using an agent. The entire thesis of my argument is that SSH's success is attributable to its adroit handling of novice users, and its ability to provision them with maximal usability together with some security.

Only a very small minority of SSH users use passwordless authentication. I cannot believe that this minority is responsible for marketplace success. If such a small minority could determine marketplace success, then PGP would have succeeded as well. Could you be right? Sure, you could, but you're arguing the complete opposite of what I'm arguing.

Er, no. If you've seen the key a hundred times, but haven't said "yes I trust it", then it will will still prompt you.

Technically true, but quite misleading. When you connect for the first time, you are asked if you trust the key. By default, if you say no, you can't connect at all. (It is possible to configure this behavior differently, but only relatively advanced users do this.) So your implication that one can see a key a hundred times without saying "yes I trust it" is off the mark. In order even to succeed in connecting for the very first time, you need to indicate that you trust the key. There is no one (that I know, anyway) who would initiate 100 connection attempts, say "no" to the trust question (and thus failing to connect each time), and then say "yes" on the 101st.

Example of a session demonstrating what I just said:

[djao@laptop:~]$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 76:27:d1:f3:a5:71:75:61:7b:b5:94:ce:f4:d9:81:20.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
[djao@laptop:~]$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 76:27:d1:f3:a5:71:75:61:7b:b5:94:ce:f4:d9:81:20.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
Last login: Fri Apr  1 12:19:11 2011 from laptop.dominia.org
[djao@laptop:~]$ exit
logout
Connection to localhost closed.

[djao@laptop:~]$ ssh localhost
Last login: Sun Apr 10 17:30:37 2011 from laptop.dominia.org
[djao@laptop:~]$

Er, I'm still confused by what this [hard stop] means.

Between this comment and the previous one above, it sounds like you have absolutely no firsthand experience at all with either OpenSSH or with the official SSH client (and I'm a little puzzled why you seem to imply in your replies that you do have such experience). Hard stop means that if a key does not match the trusted key, then SSH will not complete the connection, and will not allow the user to override this decision via any mechanism within the program itself. OpenSSH exhibits this behavior under its default configuration, and I am honestly surprised that you have never encountered it. Here's an example:

[djao@laptop:~]$ ssh iso
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
76:27:d1:f3:a5:71:75:61:7b:b5:94:ce:f4:d9:81:20.
Please contact your system administrator.
Add correct host key in /home/djao/.ssh/known_hosts to get rid of this message.
Offending key in /home/djao/.ssh/known_hosts:275
RSA host key for isomorphism.org has changed and you have requested strict checking.
Host key verification failed.
[djao@laptop:~]$