[nmglug] ssh confusion

Anthony J. Bentley anthony at anjbe.name
Sun Jun 16 20:40:37 PDT 2019


Akkana Peck writes:
> Many tutorials will include a section on how to set up keys so you
> can ssh without a password. While that's certainly useful, I'd
> recommend skipping that part for now, until you're more comfortable
> with the basics of ssh with a password.

Using ssh keys and disabling passwords is the number one most important
configuration to enable on any ssh server.

This is the number of attempts by bots yesterday to break into my home
PC via ssh. Not a server with a public domain name, but my desktop
computer sitting in my apartment:

# grep 'Jun 15' /var/log/authlog | grep sshd | wc -l
   76010

That is approaching a hundred thousand attempts PER DAY. On a server not
linked on any website or indexed by any search engine. I wouldn't trust
a password to that, even my own reasonably well chosen ones.

Back when I was an undergrad, I took a cybersecurity class in UNM's
CS department. One kid ran a public ssh server for an assignment. A bot
guessed his password. When the professor found out, he imaged the disk,
and the next class assignment was to study the hard drive to figure out
what the bots do once they succeed in breaking in.

So what is it they do? First they silently replace passworded tools
(sudo, ssh, and the like) with trojaned versions that log all passwords
of all sites you log into. Then they set up bruteforcers and start using
YOUR machine to attack more servers. And then they cover their tracks.

I don't mean to scare people, but running an ssh server without
disabling passwords is incredibly unsafe, both for oneself and for
everyone else on the internet. Doesn't matter how good your passwords
are--the risk of a compromised machine is too great.

Disabling passwords is easy: in /etc/ssh/sshd_config, add the following
line:

PasswordAuthentication no

Then restart the server (or restart the machine).

Using keys is easy too. It is only two steps.

Step one: on the client machine (the one you "ssh" *from*), run:

$ ssh-keygen

It will ask where to save it (default of ~/.ssh/id_rsa is fine), and ask
for a passphrase to use (blank/no passphrase is perfectly fine).

(Personally I run "ssh-keygen -t ed25519 -C 'my comment goes here'" but
running just "ssh-keygen" is fine too.)

Step two: copy the public key (it ends in ".pub", like ~/.ssh/id_rsa.pub)
to the destination machine (the one you ssh *to*), at:

  ~/.ssh/authorized_keys

Now you can ssh from the one machine to the other, with passwords
disabled. You won't even have to enter a password (very convenient),
yet it is vastly more secure than a password-enabled configuration.

-- 
Anthony J. Bentley
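Added example, not part of Anthony's post: a small POSIX shell script that does two things the message describes, counting sshd noise in an auth log for one day (the same grep pipeline as above, plus a breakdown of failed password attempts by source address) and checking whether an sshd_config fragment actually disables password authentication. All log lines, addresses and config fragments are constructed sample data; sshd's own rule that the first uncommented occurrence of a keyword wins is real, and the checker deliberately ignores Match blocks to stay short.

```shell
#!/bin/sh
# Constructed sample auth log lines (not real log data). Jun 15 has three
# failed password attempts from two addresses and one key-based login.
SAMPLE_LOG='Jun 15 00:01:12 desk sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 41022 ssh2
Jun 15 00:01:15 desk sshd[1201]: Failed password for root from 203.0.113.5 port 41022 ssh2
Jun 15 00:02:03 desk sshd[1210]: Failed password for invalid user test from 198.51.100.7 port 55010 ssh2
Jun 15 08:10:44 desk sshd[1302]: Accepted publickey for akk from 192.0.2.10 port 50122 ssh2
Jun 16 00:00:09 desk sshd[1400]: Failed password for root from 203.0.113.5 port 41100 ssh2'

# Constructed sshd_config fragments. WEAK_CONFIG leaves the shipped comment in
# place (a common mistake), SHADOWED_CONFIG has a "yes" before the "no", and
# FIXED_CONFIG is the line the post recommends.
WEAK_CONFIG='#PasswordAuthentication no
PubkeyAuthentication yes'
SHADOWED_CONFIG='PasswordAuthentication yes
PasswordAuthentication no'
FIXED_CONFIG='PasswordAuthentication no
PubkeyAuthentication yes'

# Same idea as "grep 'Jun 15' authlog | grep sshd | wc -l": every sshd line
# for the given day, successful logins included.
count_sshd_for_day() {
    printf '%s\n' "$SAMPLE_LOG" | grep "$1" | grep -c sshd
}

# Narrower view a defender usually wants: failed password attempts on the
# given day, grouped by source address, busiest source first.
failed_by_source() {
    printf '%s\n' "$SAMPLE_LOG" | grep "$1" | grep 'sshd.*Failed password' \
        | sed -n 's/.* from \([0-9.]*\) port .*/\1/p' | sort | uniq -c | sort -rn
}

# True (exit 0) when the config body effectively disables password auth.
# sshd takes the first uncommented occurrence of a keyword and defaults to
# "yes" when the keyword is absent, so only the first real line counts.
# Assumption for brevity: Match blocks are not considered.
password_auth_disabled() {
    first=$(printf '%s\n' "$1" \
        | sed -n 's/^[[:space:]]*PasswordAuthentication[[:space:]]\{1,\}\([A-Za-z]*\).*/\1/p' \
        | head -n 1)
    [ "$(printf '%s' "$first" | tr 'A-Z' 'a-z')" = "no" ]
}

# Stand-alone demo.
printf 'sshd lines on Jun 15: %s\n' "$(count_sshd_for_day 'Jun 15')"
printf 'failed password attempts on Jun 15 by source:\n'
failed_by_source 'Jun 15'
for name in WEAK_CONFIG SHADOWED_CONFIG FIXED_CONFIG; do
    eval "body=\$$name"
    if password_auth_disabled "$body"; then
        printf '%s: password authentication disabled\n' "$name"
    else
        printf '%s: password authentication still ENABLED\n' "$name"
    fi
done
```

To run it against a real machine, replace SAMPLE_LOG with the contents of /var/log/authlog (or whatever file sshd logs to on your system) and feed `password_auth_disabled` the output of `cat /etc/ssh/sshd_config`; the checker reports the shipped, commented-out line as still enabled, which is exactly the state the post's one-line fix is meant to change.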