Kategorie:SSH/Kryptografie
topic kurze Beschreibung
Beschreibung
Umgang mit Schlüsselmaterial
- Schlüsselmaterial identifiziert die kryptografischen Geheimnisse, aus denen ein Schlüssel besteht.
- Sämtliches Schlüsselmaterial muss als RESTRICTED-Daten behandelt werden
- Nur Personen mit spezieller Ausbildung und dem Bedarf an Wissen sollten Zugang zu Schlüsselmaterial haben.
- Das Schlüsselmaterial muss bei der Übertragung verschlüsselt werden.
- Schlüsselmaterial kann im Klartext gespeichert werden, aber nur mit einer angemessenen Zugangskontrolle (begrenzter Zugang).
- Dazu gehören
- OpenSSH server keys (/etc/ssh/ssh_host_*key)
- Client keys (~/.ssh/id_{rsa,dsa,ecdsa,ed25519} and ~/.ssh/identity).
Ciphers and algorithms choice
- When CHACHA20 (OpenSSH 6.5+) is not available, AES-GCM (OpenSSH 6.1+) and any other algorithm using EtM (Encrypt then MAC) disclose the packet length - giving some information to the attacker.
- Only recent OpenSSH servers and client support CHACHA20.
- NIST curves (ecdh-sha2-nistp512,ecdh-sha2-nistp384,ecdh-sha2-nistp256) are listed for compatibility, but the use of curve25519 is generally preferred.
- SSH protocol 2 supports DH and ECDH key-exchange as well as forward secrecy.
- Regarding group sizes, please refer to Security/Guidelines/Key_Management.
The various algorithms supported by a particular OpenSSH version can be listed with the following commands:
$ ssh -Q cipher $ ssh -Q cipher-auth $ ssh -Q mac $ ssh -Q kex $ ssh -Q key
Client key size and login latency
Figure out the impact on performance of using larger keys
- Such as RSA 4096 bytes keys - on the client side
- Tests
Idle, i7 4500 intel CPU
- OpenSSH_6.7p1
- OpenSSL 1.0.1l
- ed25519 server keys
The following command is ran 10 times
time ssh localhost -i .ssh/id_thekey exit
- Results
| Client key | Minimum | Maximum | Average |
| RSA 4096 | 120ms | 145ms | 127ms |
| RSA 2048 | 120ms | 129ms | 127ms |
| ed25519 | 117ms | 138ms | 120ms |
- Slower Machines
These numbers may differ on a slower machine
- This contains the complete login sequence
- Therefore is subject to variations
- Summery
- The latency differences are not significant
- It does not impact performance sufficiently
Installation
Anwendungen
Fehlerbehebung
Syntax
Optionen
Parameter
Umgebungsvariablen
Exit-Status
Konfiguration
Dateien
Sicherheit
Dokumentation
RFC
Man-Pages
Info-Pages
Siehe auch
Links
Projekt-Homepage
Weblinks
- Key Management
- Server Side TLS
- RFC4418 (umac)
- umac draft
- Safe curves
- DJM blog
- Stribika blog
- AES-GCM performance study
- CHACHA20 vs AES-GCM performance study
- PROTOCOL.certkeys
- rfc44880bis from GnuPG
- Weak Diffie-Hellman and the Logjam Attack
- On OpenSSH and Logjam, by Jethro Beekman
Einzelnachweise
Testfragen
Testfrage 1
Antwort1
Testfrage 2
Antwort2
Testfrage 3
Antwort3
Testfrage 4
Antwort4
Testfrage 5
Antwort5
TMP
Seiten in der Kategorie „SSH/Kryptografie“
Diese Kategorie enthält nur die folgende Seite.