You probably have your ssh private key password protected. However, are you encrypting them with the more secure PKCS#8 standard, or the default that ssh-keygen for some reason still uses?

The following articles help explain this whole idea that using PKCS#8 (which is a part of OpenSSL, hence can be used with OpenSSH) is a much stronger format for encrypt your keys with.

I recommend you read them in this order:

  1. http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
    1.5. An extension and more in-depth of the above: http://security.stackexchange.com/questions/39279/stronger-encryption-for-ssh-keys
    1. discussing editing openssl to increase iterations: http://security.stackexchange.com/questions/39896/how-to-get-a-million-rounds-of-pkcs8-pbkdf2-with-openssl

The whole point to all this is that you should use PKCS#8 with the strongest cipher and hash, and high number of iterations. Currently, OpenSSL needs to be patched to allow you to edit the number of iterations, 2048 is default. You can pretty much use whichever cipher OpenSSL supports, and you can also specify SHA1-512 as your hash.

Below is a line I use that should most likely provide the most protection currently available. This command will take in your old key and convert it to the new format, then ask you for a new passphrase to use. Remember, the passphrase you use is essential to ensuring brute force attempts are more likely to be thwarted…use a long one!

openssl pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA512 -iter 1000000 -in ~/.ssh/idrsa.old -out ~/.ssh/idrsa

You can see I’m using SHA512 with aes-128 (you could use 256, up to you) and 1 million iterations.

Again, I can’t stress enough to use 4096 bits for your key when creating it. You can go past this, but be aware, increasing this too much can really slow down your logins.

ssh-keygen -t rsa -b 4096

Blog Logo

Mario Loria


Published

Image

./scriptthe.net

Because 127.0.0.1 gets old after a while.

Back to Overview