On 04.07.24 15:21, Simon Josefsson wrote:
Does anyone know of any implementation that allows me to configure a PGP/SSH/FIDO/TPM/whatever public key on the server side, and it then only listens to signed port knocks from the corresponding private keys? I notice fwknop has PGP support, but it requires a private key on the server side, and that's really annoying. Instead of using public-key encryption, shouldn't be possible to rely only on public-key signing instead?
fwknop insists on having the SPAs encrypted, presumably so that MitM can't read them and use the port(s) you just opened themselves¹, and encryption requires either a shared symmetric secret, or asymmetric keypairs on both sides (and thus a privkey on the server).
If you consider that unnecessary¹, you could consider server-side privkey and passphrase nonsensitive material, which would make it that much less "annoying" to have around ...
¹ Yes, I am aware that the MitM would probably *still* have enough time to do the same (in an automated way) even if he has to wait to see *your* use of the now-open port. Which would probably be the *best* reason to doubt the value of having the SPAs encrypted.
Last not least: I never did anything with it, but GnuPG *does* have an --export-ssh-key option, so using a single keypair in both SSH and PGP contexts *might* be feasible.
Kind regards, -- Jochen Bern Systemingenieur Binect GmbH
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
