Security in an error-prone world

Posted Nov 4, 2015 13:56 UTC (Wed) by nix (subscriber, #2304)
In reply to: Security in an error-prone world by wahern
Parent article: Security in an error-prone world

I've been using a Yubikey NEO with the OpenPGP applet on OS X with MacPGP2 for over a year, and I have no such bad experiences.

Excellent! That means I'm probably just doing something stupid wrong -- though the fact remains that there are lots of ways to get it wrong, and the way described on the LF site is one way to do it (because that's what I tried, and it didn't work).

SSH authentication forwarding shouldn't be problematic--it's the same ssh instance talking to the agent when authenticating the first hop as when you're authenticating the next hop. Certainly I've never had a problem.

That works until you use your Yubikey to do anything else (e.g. OTP). If you were using native SSH, you could use ssh-add -e / -s to sever the smartcard connection and restart it, and everything would mostly be fine -- but using GPG, well, as soon as the connection is severed, the gpg-agent (and, if you're using it, pcscd) hang, hard. You have to kill -9 and restart them, and as soon as you do that the authentication forwarding is severed: you have to restart all your ssh sessions too! This is very far from optimal.

notably Apple's bug made pcscd lose track of the card state. Something similar (though I doubt identical, because it's forked) seems to be the problem here.

Almost certainly. Possibly this is the ill-defined 'issues' which caused pcscd autostarting without systemd to be removed, but I doubt it: it was only half a dozen lines, and in particular nothing changed about smartcard state tracking: pcscd still exits when idle in both cases, presumably losing track of card state as it does so.

But compared to the way things were just a few years ago, particularly with SSH it's like night & day.

Good God that's horrifying. :)

Ideally somebody will devise a scheme to use U2F keys for SSH, and OpenSSH will gain native U2F support, removing the need for all the middleware.[1]

Agreed! I'd be oh so very happy with that. U2F looks much easier to wrangle than PKCS#11, enough so that adding support is something that does not fill me with horror... oh no I haven't just given myself another spare-time project that'll never get done, have I? ... you'd think I'd learn.

In particular, it's stateless, so if U2F stops working for a second while we do an OTP authentication, nothing bad happens (and it's physically impossible to do both at once, since both involve a button press).

Presumably it would be done similarly to how PKCS#11/PIV support already is, only rather than a PKCS11Provider, you'd specify an URL to an authentication server (obviously in some new ssh_config option), and if you wanted to forward things, you'd use an SSH agent and have ssh-add and agent forwarding do the work of getting to where your smartcard is actually plugged in.