ssh whoami.filippo.io

240 points by exists 3 years ago | 79 comments

moviuro 3 years ago |

To make use of one different key per host, you can use some ssh_config(5) magic[0]:

    IdentityFile ~/.ssh/keys/%h

[0] https://man.openbsd.org/ssh_config.5

C4K3 3 years ago |

I learned about this when I encountered a server with an aggressive fail2ban that wouldn't let me log in because I had too many ssh keys. It apparently counted every wrong key as an auth attempt, so it blocked me before my ssh client tried the right key. Since then I've used IdentitiesOnly=yes

kenniskrag 3 years ago | |

Just add the good key to the ssh config file on the client:

IdentityFile ~/.ssh/some.key

neilv 3 years ago |

Before SSH-ing into untrusted hosts, make sure you understand what SSH agent-forwarding and X11-forwarding are.

Also, maybe don't trust the SSH config defaults on whatever host you're on at the moment. You can explicitly set defaults yourself in your `~/.ssh/config` or similar.

pritambaral 3 years ago | |

> ... make sure you understand ... SSH agent-forwarding ...

And how to configure your ssh agent to confirm with you on each use. See `-c` in `ssh-add(1)`, and make sure you're using an agent that supports it (GNOME's Seahorse doesn't, gpg-agent does, macOS's ssh-agent doesn't make can be made to via some AppleScript).

Because my ssh agent confirms each key use, I enable agent forwarding on every ssh connection without fear.

5d41402abc4b 3 years ago | |

>SSH agent-forwarding and X11-forwarding

Are they enabled by default when running SSH?

theblazehen 3 years ago | | |

No, disabled by default

o_____________o 3 years ago |

You can turn this behavior off in .ssh/config with

  Host *
    PubkeyAuthentication no

Put that at the bottom of the file, then turn back on for each host:

  Host site.com
    PubkeyAuthentication yes

akerl_ 3 years ago | |

This doesn't really turn off the behavior. I think you're looking for IdentitiesOnly and IdentityFile, which lets you tell your client to send only the right key per host, rather than sending all of them until it gets a hit.

rjh29 3 years ago | |

This seems like bad advice, password auth is less secure than key auth^. And many servers don't accept password-based auth at all.

^password is sent to the server directly; passwords are generally weak and easy to brute force. Pubkeys without a passphrase _can_ be stolen from the local machine, but if an attacker has access to your local machine, you are probably SOL anyway.

edit: as several people have pointed out, this config option does not completely prevent pubkey auth being used (i.e. if configured or overriden on the command line). But if you only use that config by itself, it will disable pubkey authentication for every host.

addingnumbers 3 years ago | | |

That's a petty interpretation, it's a big leap reading "don't send your unique identity to strange servers by default" as "never use private keys, always use passwords instead."

Nothing about that config snippet precludes using private keys for known servers.

nerdbert 3 years ago | | |

I have that line in my .ssh/config and I never use password auth.

I explicitly list every server that I want to connect to in the config file, so I know exactly what is going to happen.

cryptonector 3 years ago | | |

You can disable password authentication as well.

Sparkyte 3 years ago | |

Excellent way to also do ssh-agent less key site binding for those who are ssh adding a new key. I would always rather manage a key per host than manage it inside of the ever forgetful agent.

chlorion 3 years ago |

I have been circumventing this issue purely by accident it seems.

I have always had ssh-keygen write out the keys to a custom path like ~/.ssh/keys/$service/$key{,.pub} and configured each host's "identity" manually with the ssh config file.

I never did this for security purposes or anything, I just thought it made more sense than the default behavior.

fxtentacle 3 years ago |

Today I learned that GitHub keeps a publicly accessible list of all pubkeys linked to each user's account.

boarnoah 3 years ago | |

Seems questionable on Github's part to have .keys public by default, why not allow people to opt in ex: keybase.io equivalent?

Yes I get that its not sensitive information, but as this demo demonstrates it can fingerprint people who might not be unaware re: this quirk of SSH's coupled with this part of the Github API.

TechBro8615 3 years ago | | |

If you are SSH'ing into a server you should expect to get fingerprinted.

devmor 3 years ago | | |

You can't even opt out of it as far as I can tell.

mynameisvlad 3 years ago | |

Ubuntu Server's installer allows you to import it as the authorized_keys for the new user.

krab 3 years ago | | |

Cloud-init as well. The CLI utility you can use is ssh-import-id.

    ssh-import-id gh:$USERNAME

cmehdy 3 years ago | |

While it's not necessarily feeling great, it's called public for a reason. If anything it should be an incentive to add a passphrase to one's keys.

b3morales 3 years ago | |

It can be served up over HTTP too, given the username: https://github.com/${username}.keys

Age (the author's file encryption tool) can make use of this when encrypting a file to send to someone.

drexlspivey 3 years ago | | |

Also your PGP key under https://github.com/${username}.gpg

laurensr 3 years ago |

So users can add other users' SSH keys (sourced from GitLab, ....) to their GitHub profile, essentially depriving the actual key owner from using GitHub

basilgohar 3 years ago | |

But then that opens them up to having their victim commit code to their repos directly, as well.

yencabulator 3 years ago | | |

Not a big deal for an attacker to create a dummy account.

codesniperjoe 3 years ago |

If you need a local & offline first tool to log/track/archive changes from all kind of git repos yourself, from:

* github.com * sourcehut (sr.ht) * gitlab.com * codeberg.org * ...

published ssh keys & changes, to verify (offline) ssh signed commits, verify, encrypt mails, exchchange secure data (age-enc).

You can use this app:

[] https://github.com/paepckehh/gitkeys

If you want your own repos public keys tracked / monitored / archived, just leave a star:

[] https://github.com/paepckehh/keys

pred_ 3 years ago |

> The first is that the SSH protocol provides to the server all public keys the client is willing to produce signatures for, which by default are all the public keys in your ssh-agent and in your ~/.ssh/id_*.

Not sure about other systems, but this isn't the default on Debian. I, at least, start every day by running `ssh-add ~/.ssh/id_whatever_service_I_want_to_auth_to`, because it doesn't do it by itself, and I was too lazy to configure it. For the same reason, the party trick didn't work here, since I haven't had to commit anything today yet ...

Normille 3 years ago |

I don't know whether this is clever or not. But it ID'd me from my Github account public keys.

woodruffw 3 years ago | |

I think it's pretty clever, and demonstrates something very powerful about GitHub's position as de facto global code repository: you can get a strong cryptographic identity for (almost) anyone on the service, which you can then sign/encrypt to, verify for, etc.

age (another tool of Filippo's) leverages this to make encrypting to any GitHub user easy[1].

[1]: https://github.com/FiloSottile/age#encrypting-to-a-github-us...

tcard 3 years ago | | |

> you can get a strong cryptographic identity for (almost) anyone on the service, which you can then sign/encrypt to, verify for, etc.

I made https://sshign.tcardenas.me/ to take advantage of this. For example: [1]

In the end, it isn't that useful. I only routinely sign digitally to deal with the (Spanish) government, and they provide their own certificates and software to do that.

[1] https://sshign.tcardenas.me/?signer=github.com%2Ftcard&messa...

frutiger 3 years ago | |

As a side note public keys are available on GitHub, e.g. https://github.com/FiloSottile.keys.

peoplefromibiza 3 years ago |

I use a different key per host and only send the right key for the host using IdentityFile

  ssh whoami.filippo.io

cannot find any of my keys on Github, even though I have the Github key in my ~/.ssh folder

graderjs 3 years ago |

Can you use this to id people for authentication?

As in if someone pings your server and you get a key that matches their GitHub is it really that person's key or could they be doing it without having the corresponding private key?

vkoskiv 3 years ago | |

Anyone can download the public key and impersonate that person in a scheme like this.

notpushkin 3 years ago | | |

Unless you require them to authenticate using that key (which would obviously require them to have the private key on hand).

perryizgr8 3 years ago |

Since Github SSH keys are public for every account, wouldn't anyone be able to impersonate you if they know your username, if you haven't set up a passphrase? If yes, it is surprising to me that Github does not make it abundantly clear when you add a key. Until now, I thought the only way an attacker can get my keys is if they break into my computer.

Edit: totally disregard this, absolute brain fog moment

userbinator 3 years ago |

The existence of lesser-known things like this, combined with the defaults of SSH clients, and the rabid promotion of keypair auth instead of passwords, really makes one wonder whether there is some ulterior motive to make it easier to deanonymise and thus track users...

andirk 3 years ago |

Isn't it spelled filippx now? The 'x' signifies 'no'.

j1elo 3 years ago |

Just for those curious about it:

  $ ssh whoami.filippo.io

      +---------------------------------------------------------------------+
      |                                                                     |
      |             _o/ Hello!                                              |
      |                                                                     |
      |                                                                     |
      |  Did you know that ssh sends all your public keys to any server     |
      |  it tries to authenticate to? You can see yours echoed below.       |
      |                                                                     |
      |  We tried to use them to lookup your GitHub account,                |
      |  but got no match :(                                                |
      |                                                                     |
      |  -- Filippo (https://filippo.io)                                    |
      |                                                                     |
      |                                                                     |
      |  P.S. The source of this server is at                               |
      |  https://github.com/FiloSottile/whoami.filippo.io                   |
      |                                                                     |
      +---------------------------------------------------------------------+

Of course, this happens because the day I learned about the default behavior of SSH (to send all your keys in hope that one works), I went ahead to disable it to stop remote servers from being able to inspect all my keys. I feel this can be abused in a similar way that sites abuse browser information to fingerprint users. So I put this at the bottom of ~/.ssh/config:

  Host *
      IdentitiesOnly yes

And then I explicitly indicate what key to use for each server, either with the "-i" argument, or adding entries above the previous lines:

  Host example.com
      IdentityFile ~/.ssh/example.com.pem

Other commenter mentioned that something similar can be achieved with "PubkeyAuthentication no", but I've been using "IdentitiesOnly yes" for years without issue.

Waterluvian 3 years ago |

The idea of walking up to a lock and saying “here are all of my keys. Do any unlock you?” is kind of weird and backwards.

But I realize, thinking about it, I was doing that all the time at a previous job where I’d just mash my entire wallet against the keycard reader.

Bonus tangent: join me in playing “Payment Roulette” where you mash your wallet against payment terminals and let your credit and debit cards sort out which is going to pay.

netsharc 3 years ago | |

A lot of times the machine would say "Use one card only", won't it? I have a Secrid wallet and I was expecting the aluminium to block the RFID reader except for the 1 card I put in the outer leather pocket, but I still need to open the wallet up and present the dangling card in its sleeve to stop multiple signals...

newaccount74 3 years ago | | |

Blocking radio signals is harder than just adding some aluminium. I'm pretty sure most "RFID blocking" wallets don't actually block RFID reliably.

Waterluvian 3 years ago | | |

I’ve seen error messages. But usually my Mastercard wins. I think it might just be faster to electrify.

HellzStormer 3 years ago | |

The analogy isn't the same, the lock could copy the actual key to make a replica in the future.

ssh is only flashing the "name" printed on each key and asking if it should try one of them. (not exactly but it's more equivalent)

quickthrower2 3 years ago | |

Not quite because there is no public/private key analogy. With a physical key there isn’t much security and you are relying on the copying of the key (if someone takes a photo) not happening. There would need to be some sophistication and anyone that sophisticated wouldn’t need to burglarise you. And it is that fact you rely on for a key. It is almost like a credit card PIN

Arbortheus 3 years ago | |

That’s very trusting that there isn’t some race condition on the POS that ends up charging them all.

Waterluvian 3 years ago | | |

I’m pretty confident that POS transactions are idempotent. It’s an entire state machine that you’re working through, too, so I doubt it’s capable of performing multiple transactions during the middle of one transaction.

xwdv 3 years ago | | |

We’ll know we’re in the future when the payment gets split evenly amongst all participants. It’s like paying down a bill with the power of friendship.

bhaney 3 years ago |

  $ ssh whoami.filippo.io
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  @       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  The ED25519 host key for whoami.filippo.io has changed

I guess I've tried this before

lopkeny12ko 3 years ago |

I think a lot of people in the comments are missing the fact that public keys are by default intended to be public. This is an explicit and intended property of private-public key cryptography. Your public keys are not a security boundary and setting `IdentitiesOnly` in your SSH configuration does not do anything to strengthen your security posture.

Host *.mycompany.com # Employer specific yubikey stuff Host *.mydomain.com IdentityFile ~/.ssh/keys/id_primary Host * IdentitiesOnly yes IdentityFile ~/.ssh/keys/%r@%h # uses ~/.ssh/keys/git@github.com for github for example