CRITICAL PROTIP: change ssh host keys on Raspbian, Cubian, and all premade images!

So you’re a Raspberry Pi or Cubieboard or BeagleBone hacker, and you download a Raspbian image, or a Cubian image for your Cubie, or whatever BeagleBones run, or, really, any premade *nix image. This applies to virtual appliances and prebuilt VirtualBox and VMware server images, too!

What critically important thing will you probably forget to do, that you’d never notice amiss (but the NSA will)? Change the ssh host keys.

I can’t emphasize this enough. Host keys are how your ssh client tells your machine apart from an impostor. If you are using a premade Linux image of any kind, or an image of any OS that ships with ssh host keys baked in, then everyone else who downloaded that image has the same private keys you do, and anyone who has them can impersonate your machine to your ssh client and sit in the middle of your sessions. You NEED to change them, right now.

This can be accomplished pretty easily on a Debian-based distro. I’m taking this straight off ServerFault, if you want a peek at all the answers (including those that will work for *hrk* Red Hat descendants).

The simplest solution

This one is courtesy of Pascal Polleunus on ServerFault.

  1. Become root, or tack ‘sudo’ on the front of all the following commands.
  2. Delete old ssh host keys: rm /etc/ssh/ssh_host_*
  3. Reconfigure OpenSSH Server: dpkg-reconfigure openssh-server
  4. Update the ~/.ssh/known_hosts file on every ssh client that has connected to the machine – otherwise you’ll get the WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! freakout message – and if you ever see that message and don’t expect it, tread carefully – something very much like that but cleverer[1] is how my team came in 2nd in a penetration contest in a hands-on security class at Portland State.

Want a stronger RSA ssh host key than 2048 bits?

Some people prefer a 4096-bit RSA key. I don’t disagree with them; RSA is getting a bit long in the tooth. To get a 4096-bit ssh host key, you can either do the above and then, as root:

  1. ssh-keygen -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
  2. service ssh restart

Or, follow Olipro‘s generic procedure (which should work for *ulch* Red Hat type distros) and add -b 4096 to the RSA host key generation command. Note that you can’t really increase DSA key size[2] (OpenSSH’s ssh-keygen only makes 1024-bit DSA keys), and there is little practical benefit to increasing ECDSA key size: the choices are 256, 384 and 521 bits (the NIST P-256, P-384 and P-521 curves), and the 256-bit default is already roughly as strong as a 3072-bit RSA key.
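Here is the whole procedure from both sections above as one script. It is an added example, not code from the original post or from the ServerFault answers: it regenerates the three host key types a current Debian openssh-server package would create (RSA at 4096 bits as above, plus ECDSA and ed25519; ed25519 needs OpenSSH 6.5 or newer), prints the fingerprints before and after so you can confirm they actually changed, and shows the client-side cleanup. The SSH_DIR variable and the --run flag are my additions so the functions can be exercised against a scratch directory; the service name ssh is Debian’s.

```shell
#!/bin/sh
# Added example, not from the original post: regenerate OpenSSH host keys on a
# Debian-derived image and verify the change. Run as root with --run; with no
# arguments it only defines the functions. SSH_DIR (an assumption of this
# example) defaults to the real location.
set -eu

SSH_DIR="${SSH_DIR:-/etc/ssh}"

# Print one "bits SHA256:... comment (TYPE)" line per host public key in $1,
# exactly what ssh-keygen -l prints; compare these with what a client shows you.
fingerprints() {
    for pub in "$1"/ssh_host_*_key.pub; do
        [ -f "$pub" ] || continue
        ssh-keygen -lf "$pub"
    done
}

# Delete the keys that shipped with the image and generate fresh ones.
# Equivalent to "rm /etc/ssh/ssh_host_* && dpkg-reconfigure openssh-server",
# but explicit about each type and size, so it also works on non-Debian systems.
# -N "" means no passphrase: sshd has to be able to read the key unattended.
regen_host_keys() {
    dir="$1"
    rm -f "$dir"/ssh_host_*_key "$dir"/ssh_host_*_key.pub
    ssh-keygen -q -N "" -t rsa -b 4096 -f "$dir/ssh_host_rsa_key"
    ssh-keygen -q -N "" -t ecdsa -b 521 -f "$dir/ssh_host_ecdsa_key"
    ssh-keygen -q -N "" -t ed25519 -f "$dir/ssh_host_ed25519_key"
    chmod 600 "$dir"/ssh_host_*_key
    chmod 644 "$dir"/ssh_host_*_key.pub
}

# On the server: rotate, then restart sshd so it loads the new keys.
if [ "${1:-}" = "--run" ]; then
    echo "Host key fingerprints shipped with the image:"
    fingerprints "$SSH_DIR"
    regen_host_keys "$SSH_DIR"
    echo "New host key fingerprints (write these down, e.g. from the console):"
    fingerprints "$SSH_DIR"
    service ssh restart
fi

# On each client, drop the stale entry so the next connection asks you to accept
# a new key instead of screaming REMOTE HOST IDENTIFICATION HAS CHANGED:
#   ssh-keygen -R raspberrypi.local
# Accept the new key only if the fingerprint matches what the server printed.
```

The one "new host key" prompt you get afterwards is expected; what you are checking is that the fingerprint in that prompt matches the "New host key fingerprints" list you read off the machine itself, not over the network you are worried about.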

1. It wasn’t quite so bad as one of our team members ignoring the HUGE WARNING MESSAGE that OpenSSH gives off when a host key changes. This was 2007, so the details are hazy, but our attacker managed to gain access to our system as a sudo-blessed user with a man-in-the-middle attack. We were using an RSA host key, and he did an ssh version of the SSL stripping attack: he stepped in the middle, handed our team member a DSA host key when signing in, the team member saw the “new host key” message which is much less freaky than the key-change message, thought “that’s mildly odd” and proceeded to log in. Game over, man, game over.

2. DSA key size is specified in some standard somewhere, and as with ECDSA, I’m not sure there’s any benefit to increasing key size anyway at this point. Let me know if I’m wrong about either of those, though.

