Tato webová stránka používá soubory cookie, abychom vám mohli poskytovat co nejlepší uživatelský zážitek. Informace o cookies jsou uloženy ve vašem prohlížeči a plní funkce, jako je rozpoznání, když se vrátíte na náš web, a pomoc našemu týmu pochopit, které části webu jsou pro vás nejzajímavější a nejužitečnější.
Cutting edge security for SSH using bitcoin hardware
As a software engineer I often hear from my customers the requirement to introduce high security standard without interfering much with user comfort. Let me write a few lines on how these contradictory requirements may be met in my favourite area of SSH authentication to UNIX and Linux servers. As I mentioned earlier on our blog (CZ), I’m a big fan of bitcoin cryptocurrency. Apart from its economic revolution potential it’s a vast source of technology inspiration for me. And I’m going to show you how bitcoin related technologies can be used for SSH authentication (and put all other methods behind 🙂
I have developed an open-source application that is capable of using bitcoin hardware wallet in USB device as a multi-functional cryptographic tool to SSH authenticate with any UNIX server using ECDSA cipher. Before I can show you what this app does, I need to describe the USB device first. It is called Trezor and is manufactured by Czech company SatoshiLabs. As far as I know they were the first to come up with the unique concept of deterministic key hierarchy (BIP32) in a bitcoin hardware wallet with an addition of super-secure concept of PIN obfuscation. PIN obfuscation is something that is very handy against key-loggers and other procedures capable of detecting of what you type on the computer’s keyboard. Maybe our current prime minister wishes he had PIN/Password obfuscation capability when he got his personal e-mail hacked.
Let’s use an example to talk about PIN and Passphrase input. Assume my PIN is 1234. If I type it in my PC without obfuscation (this is how most tokens work), any malware or virus on my PC can learn my PIN simply by recording keyboard inputs. Now let me show you how this works on a Trezor device. My PIN is still 1234, I’m about to request any sensitive operation (e.g. authenticate) from my Trezor. The first thing that happens is that the device shows an ad-hoc random generated layout of number positions on its LCD – see picture bellow. In our example number 1 is no longer next to 2, but rather where 4 normally is, 2 is now in the position of 9 and so on. And this is the way I type PIN into my computer. Instead of 1234, it is 4967. Next time I plug the Trezor into a USB port, the PIN matrix is changed. So, if my PC is compromised, all the information the attacker gets is one-time gibberish that cannot be misused. In fact, it’s even safe to use Trezor in untrusted environment like public computer. After some time, it really feels very easy typing PIN this way.
I mentioned developing my own application for Trezor. I used the fact that sending bitcoins and authenticating to SSH via PKI are both technically based on the same thing – asymmetric key signing. With that in mind, I was able to code interface between the Trezor and the Putty-like SSH clients. My application is called Trezor SSH Agent and emulates Pageant, which is Putty SSH Agent compatible with WinSCP, git and some other Windows clients. The essential part of the app is to work with ECSDA sign requests and responses as well as special SSH protocol framing (that was crazy). Trezor allows virtually unlimited amount of unique keys, all of them can be derived on-the-fly from initial seed via deterministic derivation from given inputs.
The cool thing with Trezor SSH Agent application is that it runs in the Windows tray area and there is virtually no work in configuring it. Just open your favourite Windows SSH client compatible with Pageant, connect to UNIX/Linux and let Trezor SSH Agent ask you for obfuscated PIN. After you approve sign in operation (authentication) with pressing one of the Trezor’s hardware buttons you are good to go. Next time you log in, you just press the button on the device to confirm action. No need to enter PIN again as long as the device stays plugged into USB. I guess this is very comfortable for users or admins as it gives near-SSO capability and cutting edge security using Elliptic curve cryptography, PIN obfuscation and HW confirmation process.
Author: Martin Lízner
Bonus: I had a lot of fun printing tailor made Trezor covers using our brand new 3D Printer.