Post by Hugo Osvaldo Barrera Post by Nick Holland Post by Remi Locherer
I still makes sense to encrypt your ssh keys. Think of a bug in a
that allows a server reading your files.
Disk Encryption protects your key and other data when your computer is
OFF. And only when it is off. When your computer is active and the
file systems available, any attacker that manages to get into your
system through any means can see whatever they have access to. If
grab your no-passphrase key, they now have your key. If they
passphrased key...they got a jumble of funny characters.
Doesn't the fact that ssh-agent is running somehow make the keys
accessible anyway? Or am I making misassumptions on how it works?
ssh-agent provides a way to USE keys, not expose keys. Remember, this
is public key cryptography, which has some nifty abilities to avoid
exposing private keys while still using them.
A key without a passphrase is protected by nothing other than file
permissions. Anything /you/ run or runs as you has the ability to read
your private key. ANYTHING. Your browser. Your mail client. That
obfuscated code block your friend just showed you. Your backup system.
Everyone else with doas access on your system.
From the man page:
"The agent will never send a private key over its request channel.
Instead, operations that require a private key will be performed by
the agent, and the result will be returned to the requester. This
way, private keys are not exposed to clients using the agent."
so ... there's no way to query the agent and get a passphrase-free
private key. Instead, things wishing to use the agent pose a query
(based on the public key) that can only be answered by something holding
the private key.
Now, I suspect (nb: I am not a cryptographer or SSH coder. But I sat at
a table with one once, and was completely in awe) the key has to be held
in unlocked form in RAM, so perhaps a very serious breach that allowed
the raw access of system RAM might produce it...but would also produce a
lot of other nifty things, and by that point, your system is so
completely compromised, not much is trustworthy anymore.