update ssh article
parent
57eec21cf3
commit
f30cc15870
@ -254,13 +254,17 @@ Host key verification failed.
|
||||
you <b>really did</b> verify that the server's public key fingerprint matches.
|
||||
|
||||
If you type <span class="code">yes</span> here without checking the server's host key somehow, you could add an attackers public key to the trusted
|
||||
list in your <span class="code">~/.ssh/known_hosts</span> file; if you type <span class="code">yes</span> blindly, you are
|
||||
<b>completely disabling all security of the SSH connection</b>.
|
||||
It can be fully man-in-the-middle attacked & you are
|
||||
vulnerable to surveillance, command injection, even emulation/falsification of the entire stream.
|
||||
Will anyone actually attack you like that? Who knows. Personally, I'd rather not find out.
|
||||
list in your <span class="code">~/.ssh/known_hosts</span> file; if you type <span class="code">yes</span> blindly,
|
||||
you are technically vulnerable to a man-in-the-middle attack. Such an attack could silently surviel your connection,
|
||||
inject commands, even emulate / falsify the entire SSH session.
|
||||
|
||||
Will anyone actually attack you like that? Probably not, because such an attack would be difficult to hide from someone who
|
||||
knows where to look. Personally, however, I'd rather not fuck around and find out. I'd rather find a way to prove to myself
|
||||
that my first SSH connection to a new server is secure, even if it's a potentially ephemeral virtual machine like a capsul.
|
||||
</p>
|
||||
|
||||
|
||||
|
||||
<p>
|
||||
So what are technologists to do? Most cloud providers don't "provide" an easy way to get the SSH host public keys
|
||||
for instances that users create on thier platform. For example, see this
|
||||
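Review bot: the added line "Such an attack could silently surviel your connection," has a typo: "surviel" should be "surveil". Two more typos sit in the unchanged context of this hunk and would be worth fixing in the same pass: "an attackers public key" should be "an attacker's public key", and "on thier platform" should be "on their platform". The substantive rewrite (replacing "Who knows" with "Probably not, because such an attack would be difficult to hide from someone who knows where to look") reads well and keeps the earlier sentence's point that a blindly accepted key is persisted in ~/.ssh/known_hosts, so the risk is not limited to the first session.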
@ -269,20 +273,19 @@ Host key verification failed.
|
||||
|
||||
Besides using the provider's HTTPS-based console to log into the machine & directly read the public key,
|
||||
providers also recommend using a "userdata script".
|
||||
This script would run on boot & upload the machine's SSH public keys to a
|
||||
trusted location like <a href="https://www.backblaze.com/b2/cloud-storage.html">Backblaze B2</a> or
|
||||
This script would run on boot & upload the machine's SSH public keys to an object storage system like <a href="https://www.backblaze.com/b2/cloud-storage.html">Backblaze B2</a> or
|
||||
<del>Amazon S3</del><sup><a href="#ref_1">[1]</a></sup>, for an application to retrieve later.
|
||||
As an example, I wrote a
|
||||
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/terraform-modules/gateway-instance-digitalocean/upload_known_hosts.tpl#L5">
|
||||
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1242-L1248">
|
||||
userdata script which does this</a>
|
||||
for my own cloud compute management tool called
|
||||
<a href="https://git.sequentialread.com/forest/rootsystem">rootsystem</a>.
|
||||
Later in the process, rootsystem will
|
||||
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/host-key-poller/main.go#L33">
|
||||
for my own automated VPS management code in
|
||||
<a href="https://git.sequentialread.com/forest/greenhouse/">greenhouse</a>.
|
||||
Later in the process, greenhouse will
|
||||
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1267-L1277">
|
||||
download the public keys from the Object Storage provider
|
||||
and add them to the ~/.ssh/known_hosts file</a>
|
||||
before finally
|
||||
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/terraform-modules/ansible-threshold-server/main.tf#L32">
|
||||
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1297-L1313">
|
||||
invoking the ssh client against the cloud host</a>.
|
||||
</p>
|
||||
|
||||
|
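Review bot: replacing "a trusted location like" with "an object storage system like" drops the one word that carried the security requirement of this design. Suggest keeping it, for example "a trusted object storage system like", or adding a clause that the bucket must be writable only by the instance's own upload credentials: anyone who can write to that bucket can substitute their own host public key, and the download step linked at backend.go#L1267-L1277 would then pin the attacker's key into ~/.ssh/known_hosts before the ssh client is invoked, which is exactly the failure the article is trying to prevent. Separately, the three new greenhouse links use line-range anchors on "src/branch/master/backend.go" (#L1242-L1248, #L1267-L1277, #L1297-L1313); line numbers on a moving branch drift silently to unrelated code, whereas the removed rootsystem links were pinned to commit 1cdbe53974d20da97d9f522d4bd62c34487817c0. Suggest pinning these to a commit hash as well. Minor: "~/.ssh/known_hosts" on the context line is not wrapped in the span class="code" markup used for the same path elsewhere in the article.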
@ -22,7 +22,7 @@
|
||||
<li>All root disks are backed up at no charge</li>
|
||||
<li>All storage is fast, local, and solid-state</li>
|
||||
<li>All network connections are low latency</li>
|
||||
<li>Supported by amazing volunteers from Cyberia</li>
|
||||
<li>Supported by amazing volunteers from Cyberia Computer Club</li>
|
||||
<li>Upfront prices, no confusing billing</li>
|
||||
<li>Operated by a Minnesota non-profit organization that will never exploit you</li>
|
||||
<li>We donate a portion of our proceeds to likeminded hacker groups around the globe</li>
|
||||
|
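Review bot: the name expansion to "Cyberia Computer Club" is fine; while touching this list, "likeminded" in the unchanged context line would conventionally be written "like-minded".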