DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 4th August 2018
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default The default OpenSSH key encryption is worse than plaintext

I don't know whether this applies to OpenBSD, because this blog post explained things using openssh-portable as an example.
Title is also slightly clickbait-ish.

Quote:
You can tell it’s encrypted because it says so right there. It also doesn’t start with MII – the base64 DER clue that an RSA key follows. And AES! That’s good, right? CBC with ostensibly a random IV, even! No MAC, but without something like a padding oracle to try modified ciphertexts on, so that might be OK?

It’s tricky to find out what this DEK-Info stuff means. Searching the openssh-portable repo for the string DEK-Info only shows sample keys. The punchline is that the AES key is just MD5(password || IV[:8]).
https://latacora.singles/2018/08/03/...t-openssh.html

I always used KeePass/KeePassX to generate unique passwords and manage passwords to private SSH key files.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
Reply

Tags
openssh-portable

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Father of SSH Says Security Is 'Getting Worse' daemonfowl News 0 25th July 2012 04:39 PM
Security: Encryption: Disk Encryption eurovive Other BSD and UNIX/UNIX-like 17 6th March 2010 04:09 AM
Is linux getting worse? ( troll ) corey_james Other BSD and UNIX/UNIX-like 64 28th May 2009 10:59 AM
site performance is getting worse ocicat Feedback and Suggestions 40 24th May 2008 11:06 PM
Repeating BSDforums’ problems… even worse mirabilos Feedback and Suggestions 17 20th May 2008 03:12 PM


All times are GMT. The time now is 05:04 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick