openssh and keys - secure ones | lukasz.bromirski.net

somewhere around 2013 (and precisely - for ‘small’ Santa Claus, so 6th of December), OpenSSH was extended to provide new way of storing keys.

it’s important because the old format - MD5 hash - can be cracked veeeeery quickly. developers decide to use modification of bcrypt, that will slow down GPU-assisted cracking attempts in hashcat from gigahashes per second, to at most kilohashes.

what you need to do to upgrade your defenses? first of all, take care of the keys themselves. i’m using 2048 bit long RSA keys, and because some of the older equipment can’t handle more, i have to stay with that. my private key looks like this today:

me@mac:~/.ssh$ more id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,0cc175b9c0f1b6a831c399e269772661

FlXcooESd57Gh39IyP2n8vvsxWqxPUs7WHjCzhCrmVz583d7ar6dEzUE7Ey2jCvd
v1/VB17mCNG3nm+IEd+FcBnXe6zUu6y174oB1EWOavoYsXJc4XfVdJuhUDlSONW1
[....]
Yfxn6111NRH+vndRADSrT+/BaAdpspkqBov/XxFGitFSZSxM4s/TqOq/j8ofS0X9
-----END RSA PRIVATE KEY-----

moving to new format is easy - and upgrading your password on the way is also good idea:

me@mac:~$ ssh-keygen -o -p -f id_rsa -a 64
Enter old passphrase: here-goes-the-old-password
Enter new passphrase (empty for no passphrase): here-goes-the-NEW-password
Enter same passphrase again: and-here-goes-again-the-NEW-better-password
Your identification has been saved with the new passphrase.

-a 64 means number of KDF rounds, executed to better protect our key. it will slow down it’s verification as well - but on the modern hardware during normal authentication process it shouldn’t be visible.

key will be written to the same file, but in the better, more hardened format:

me@mac:~/.ssh$ more id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
JrgJWuW/Ow0KaZKPzMoD5L7/RwXJF74ts61ONcC1wsZZXV8hxarat0Uw6fim5naPkfEonZ
DXYm8GSuJlGqMJxTHmG2UYxaqQctuWGicz8TAu+wK1kcNCjImuCBMPFvx9AEcBDr9ahJvB
[...]
PqT2crQeHPC3IZsrFyoQ8YHQiElISCKCcGL/miZjlTuS6aA2nexGghmqjLGMrlGpg2gXMV
-----END OPENSSH PRIVATE KEY-----

and while we’re at it - i highly recommend dropping those lines to your .ssh/config. you’ll have connection keepalives (helpful for those aggresive NAT gateways) and provied you with visual key identification on connection:

me@mac:~$ more .ssh/config
VisualHostKey=yes 
ServerAliveInterval 30
ServerAliveCountMax 5