Mailing List Archive

On Tue, 1 Feb 2000, Phil Karn wrote:

> Hi. To compartmentalize things a bit (e.g., to help limit the damage
> should one of my machines be hacked and my private RSA keys stolen) I
> use different RSA key pairs on my different client machines.
>
> So it occurs to me that it would be nice if ssh could log which key
> was used when logging in to a particular account that has more than
> one entry in .ssh/authorized_keys. Right now it simply says "Accepted
> rsa for karn from <blah blah>" without saying which key was used.
>
> You obviously don't want to log the whole public key, just the comment
> field from the appropriate line in .ssh/authorized_keys would do.

I don't think the comment is sent as part of the RSA authentication
dialog, though it may be possible to log the fingerprint of the client
user or host key.

Attached is a quick and very dirty patch which does just that.

Regards,
Damien

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)

Thanks. The patch works as intended, though I have no tool to map
those key fingerprints back into the actual keys listed in
.ssh/authorized_keys...

Phil

On Wed, Feb 02, 2000 at 03:58:54PM -0800, Phil Karn wrote:
> Thanks. The patch works as intended, though I have no tool to map
> those key fingerprints back into the actual keys listed in
> .ssh/authorized_keys...

% ssh-keygen -l -f FILE
works for files with one key only, e.g. identity.pub.
i'am happy to accept patches that make this work
for authorized_keys and known_hosts.

On Thu, Feb 03, 2000 at 08:43:40AM +0100, Markus Friedl wrote:
> On Wed, Feb 02, 2000 at 03:58:54PM -0800, Phil Karn wrote:
> > Thanks. The patch works as intended, though I have no tool to map
> > those key fingerprints back into the actual keys listed in
> > .ssh/authorized_keys...
>
> % ssh-keygen -l -f FILE
> works for files with one key only, e.g. identity.pub.
> i'am happy to accept patches that make this work
> for authorized_keys and known_hosts.

try this.

Index: ssh-keygen.c
===================================================================
RCS file: /home/markus/cvs/ssh/ssh-keygen.c,v
retrieving revision 1.14
diff -u -r1.14 ssh-keygen.c
--- ssh-keygen.c 1999/11/24 19:53:52 1.14
+++ ssh-keygen.c 2000/02/03 14:42:37
@@ -76,9 +76,10 @@
void
do_fingerprint(struct passwd *pw)
{
- char *comment;
+ char *comment = NULL;
RSA *public_key;
struct stat st;
+ int invalid = 0;

if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
@@ -87,37 +88,60 @@
exit(1);
}
public_key = RSA_new();
- if (!load_public_key(identity_file, public_key, &comment)) {
- char *cp, line[1024];
+ if (load_public_key(identity_file, public_key, &comment)) {
+ printf("%d %s %s\n", BN_num_bits(public_key->n),
+ fingerprint(public_key->e, public_key->n),
+ comment);
+ RSA_free(public_key);
+ } else {
BIGNUM *e, *n;
- int dummy, invalid = 0;
- FILE *f = fopen(identity_file, "r");
- n = BN_new();
- e = BN_new();
- if (f && fgets(line, sizeof(line), f)) {
- cp = line;
- line[strlen(line) - 1] = '\0';
- if (auth_rsa_read_key(&cp, &dummy, e, n)) {
- public_key->e = e;
- public_key->n = n;
- comment = xstrdup(cp ? cp : "no comment");
- } else {
- invalid = 1;
+ FILE *f;
+ char *cp, line[1024];
+ int dummy;
+
+ invalid = 1;
+ f = fopen(identity_file, "r");
+ if (f != NULL) {
+ n = BN_new();
+ e = BN_new();
+ while (fgets(line, sizeof(line), f)) {
+ line[strlen(line) - 1] = '\0';
+
+ /* Skip leading whitespace, empty and comment lines. */
+ for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
+ ;
+ if (!*cp || *cp == '\n' || *cp == '#')
+ continue ;
+ if (*cp < '0' || *cp > '9') {
+ int quoted = 0;
+ comment = cp;
+ for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+ if (*cp == '\\' && cp[1] == '"')
+ cp++; /* Skip both */
+ else if (*cp == '"')
+ quoted = !quoted;
+ }
+ if (*cp == '\0')
+ continue;
+ *cp++ = '\0';
+ }
+ if (auth_rsa_read_key(&cp, &dummy, e, n)) {
+ invalid = 0;
+ comment = *cp ? cp : comment;
+ printf("%d %s %s\n", BN_num_bits(n),
+ fingerprint(e, n),
+ comment ? comment : "no comment");
+ }
}
- } else {
- invalid = 1;
- }
- if (invalid) {
- printf("%s is not a valid key file.\n", identity_file);
BN_free(e);
BN_free(n);
- exit(1);
+ fclose(f);
}
}
- printf("%d %s %s\n", BN_num_bits(public_key->n),
- fingerprint(public_key->e, public_key->n),
- comment);
- RSA_free(public_key);
+ if (invalid) {
+ printf("%s is not a valid key file.\n", identity_file);
+ exit(1);
+ }
exit(0);
}

@@ -310,7 +334,7 @@
usage(void)
{
printf("ssh-keygen version %s\n", SSH_VERSION);
- printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
+ printf("Usage: %s [-b bits] [-p] [-c] [-l] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
exit(1);
}

On Tue, Feb 01, 2000 at 01:57:05PM -0800, Phil Karn wrote:
> Hi. To compartmentalize things a bit (e.g., to help limit the damage
> should one of my machines be hacked and my private RSA keys stolen) I
> use different RSA key pairs on my different client machines.
>
> So it occurs to me that it would be nice if ssh could log which key
> was used when logging in to a particular account that has more than
> one entry in .ssh/authorized_keys. Right now it simply says "Accepted
> rsa for karn from <blah blah>" without saying which key was used.
>
> You obviously don't want to log the whole public key, just the comment
> field from the appropriate line in .ssh/authorized_keys would do.

Perhaps I'm overseeing the obvious - but why not? The only thing
that gets logged, is the _public_ key, the one the server knows
anyway already, the one in the user's $HOME/.ssh/identity.pub
file.
If the machine is compromised, this public key is compromised as
well.
If the machine isn't compromised, the only one who will be able
to see this key, is root (you do set the correct permissions on
your logfiles, don't you?); but root is always able to simply
peek into the users' identity.pub files anway.

All in all I don't see how logging the complete public key that
was used leaks any information anywhere, neither do I see privacy
issues.
One might argue that the logfile will grow significantly larger,
but frankly I hardly believe that they would grow as much as they
need to give you problems - YMMV (and one could always add a
configurable limit - like limit it to the first 64 chars etc.)

bye,
Harold

--
Someone should do a study to find out how many human life spans have
been lost waiting for NT to reboot.
Ken Deboy on Dec 24 1999 in comp.unix.bsd.freebsd.misc

>One might argue that the logfile will grow significantly larger,

That, and not any concern about keeping public keys private, was my
concern. But it now occurs to me that on most systems, log files are
routinely compressed by daemons fired off from cron. Although the
public keys are themselves random and essentially uncompressible,
chances are they will keep recurring in the log file, making them
compress very nicely with gzip.

So I now suggest that the daemon just log the full public key
used. Hopefully this won't break any message length limits in syslog.

Phil

Logging the fingerprint would be more human-readable, however.

--
jim knoble
jmknoble@pobox.com

På 2000-Feb-03 klokka 15:50:55 -0800 skrivet Phil Karn:

: >One might argue that the logfile will grow significantly larger,
:
: That, and not any concern about keeping public keys private, was my
: concern. But it now occurs to me that on most systems, log files are
: routinely compressed by daemons fired off from cron. Although the
: public keys are themselves random and essentially uncompressible,
: chances are they will keep recurring in the log file, making them
: compress very nicely with gzip.
:
: So I now suggest that the daemon just log the full public key
: used. Hopefully this won't break any message length limits in syslog.