7

I am trying to use keychain on debian latest stable with some difficulty. Searching online I could not find a solution, but thought perhaps a different approach or a different tool might be better in this case.

I want to achieve something reasonably straight-forward:

  • When logging in to the server as root after reboot, the user is prompted for a master passphrase once.
  • This passphrase is loaded into memory and used to unlock both the ssh private key (used for pulling code from a remote git repository, remote authentication etc) and a gpg private key (used to decrypt some configuration parameters also coming from git).

This way, only having access to the root account or being able to dump memory would allow extracting the passphrase. As soon as the server is rebooted the passphrase is cleared. I don't have the budget/resources for an HSM or anything more elaborate. I want something simple and cheap and that works reliably and securely enough.

Keychain seems like a good candidate, but I can't get it to work properly to fulfill both requirements. Namely, it asks for the pasphrase twice, and also when trying to decrypt something with gpg it asks for it a 3rd time... Is there a way to achieve this securely with keychain or any other tool or shell script?

[p.s. not sure if this belongs on ServerFault or here]

Improve this question
6
  • 1
    Keychain doesn't do what you think it does: it just arranges to start and stop ssh-agent and gpg-agent. Both programs store keys, not passphrases, so if you have an SSH key and a GPG key, you'll have to type two passphrases even if they happen to be identical. You could store the keys in a Gnome keyring (gnome-keyring-daemon), and unlock that once per session; but you'd have to get a version that supports GPG (the one in Debian doesn't, AFAIK), and it's unwieldy without X. Commented Apr 8, 2012 at 21:42
  • 1
    just as a side note - an alternative of using e.g. a truecrypt container holding both (passphrase-less) gpg and ssh keys would kinda meet functional requirements, but not security requirements! (which are to store keys/passphrase only in memory for better protection)... although this is currently my fallback if I can't get keychain or something similar working... Commented Apr 8, 2012 at 23:03
  • gnome-keyring-daemon itself doesn't require X, but I don't know if there's a way to feed it keys without X. However, it doesn't meet your security requirements, since it would store the keys in a keyring file. On the gripping hand, I don't see a difference security-wise between having several files stored on the same disk and protected by the same password (SSH key and GPG key) and one file protected by that password (Gnome keyring or passwordless keys on an encfs or truecrypt filesystem). Commented Apr 8, 2012 at 23:17
  • perhaps you're right, and there isn't a big-enough security difference. I just thought that if someone got into the root account, which had the encrypted file/container already mounted, they could easily copy all those keys. Whereas if using keychain or something similar it would require inspecting memory to extract those keys, which should be just a little (but probably not substantially) harder... Commented Apr 9, 2012 at 8:37
  • ssh-agent stores passphrases in memory until reboot. I use that for the purpose described in the question, with a little scripting to automate connecting to ssh-agent. But that's only for ssh keys, and although a similar method probably will work for gpg keys, you will still have to enter two passwords (one for ssh-agent and another for gpg) so I'm not sure that would be good enough for you. It doesn't need X though. Commented Apr 18, 2012 at 13:04

1 Answer 1

Reset to default
2

Use a separate encrypted filesystem (which can be actually stored in a regular file and mounted mounted through dm). Security-wise the filesystem access permissions will do the same trick as keeping it in virtual memory of a running process - both can be accessed by root (unless you take some extra measures to prevent that). Actually, it should be less probable that the password will end up on swap, than in the case of caching it in an agent helper; but you should keep your swap encrypted anyway (or disabled completely), if security is your main concern.

Improve this answer
1
  • Thanks peterph. This is pretty much what I ended up using. I mounted an ecryptfs filesystem using a passphrase that was generated using the ssh private key. So I only load the ssh key once in memory, and from it, I can generate other passphrases... I should probably post the code online some time, but didn't quite get round to it. Commented Nov 13, 2012 at 19:45

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.