Submitted by chill_Surf on Tue, 11/24/2015 - 18:27
Hi there, I am wondering if you would be able to make an update so virtualmin/webmin can support ssh key authentication using passphrases, as now I can't use any passphrases, and in case the private key is stolen the server could be easily compromised.
I tried to perform a backup and it works with a passwordless ssh key but not with a key that is generated with a passphrase.
Could you please consider making this update and please let me know when it will approximately be available?
Status:
Active
Comments
Submitted by JamieCameron on Tue, 11/24/2015 - 19:39 Comment #1
In theory this could be implemented, but from a security point of view it would be kind of pointless because the passphrase for the SSH key would have to be stored on the system somewhere for Virtualmin to perform backups. So if someone breaks in and finds the protected SSH key, they would also have access to the passphrase.
Submitted by chill_Surf on Wed, 11/25/2015 - 12:10 Comment #2
Dear Jamie, I fully understand that security flaw in case I use the passphrases. I was going to ask you later about it.
So, how can someone perform a backup and somehow make it work with more security than the above solution? Is there another way to perform a connection via virtualmin using ssh key with passphrase?
I've read about using passphrases with tools such as virtualmin, but it is about ssh-agent and/or a front end to it such as keychain. As I am a rookie I don't understand what this solution is about.
Can you give me your opinion on this security issue?
Thanks, Chill_Surf
Submitted by JamieCameron on Wed, 11/25/2015 - 23:52 Comment #3
The only possible solution I can think of would be to require the user enter a passphrase when backing up, but this would prevent automated background backups from working.
Submitted by chill_Surf on Sat, 11/28/2015 - 02:27 Comment #4
Dear Jamie, I am very happy to tell you that I found a solution for making the automatic backups more secure than just using a passwordless ssh key.
Another layer of security could be to restrict SSH logins to a single command. I hope that we can make a specific user on the remote backup server so that all virtualmin servers have key restrictions to a specific backup command as the default setting. Or something you can think of.
It is described how it is achieved, in this link: http://cybermashup.com/2013/05/14/restrict-ssh-logins-to-a-single-command/
I would be glad if this could be implemented to virtualmin. I am willing to try to implement it on my own, so I save you on trouble and then let you know how to do it, so I save time from you. I would need some point-outs for the start as I am not a virtualmin developer :P In case you are going to implement it, I would be interested to know when this could be available for Centos 6.7 virtualmin updates.
I hope I have helped, Chill_Surf
Submitted by andreychek on Sat, 11/28/2015 - 10:03 Comment #5
Have you tried the solution mentioned above? If so, did it work for you?
Or are you just saying you'd be interested in trying something like it?
I suspect it'd be fairly tricky to implement that well within Cloudmin, since Cloudmin needs the ability to run several different commands and arguments. It may also prevent several Cloudmin features from working altogether.
However, if you find that it works for your needs, you can certainly manually implement that particular solution by adding the lines you need to the user's authorized_keys files on the remote server.
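
The single-command restriction discussed in comments #4 and #5, as an added example that is not part of the original thread and is not Virtualmin or Cloudmin code: a forced-command wrapper for the backup user on the remote server that accepts only scp uploads into one directory. The script path, `BACKUP_DIR`, the key text and the assumption that uploads arrive as plain `scp -t <path>` are all choices made for this example; any other command the backup client sends would need its own allowlist entry.

```shell
#!/bin/sh
# Forced-command wrapper (added example). Install on the remote backup server
# and reference it from the backup user's ~/.ssh/authorized_keys on one line:
#
#   command="/usr/local/bin/backup-only.sh",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAA...PLACEHOLDER... backup@virtualmin
#
# The script path, directory and key text are placeholders for this example.

BACKUP_DIR="/backup/virtualmin"   # assumed destination directory

# Return 0 only for "scp -t <path>" (scp receiving an upload) where <path>
# lies under BACKUP_DIR and holds no "..", whitespace or shell metacharacters.
check_backup_command() {
    cmd=$1
    case $cmd in
        "scp -t $BACKUP_DIR/"*) ;;
        *) return 1 ;;
    esac
    path=${cmd#scp -t }
    case $path in
        *..*) return 1 ;;                    # no parent-directory escapes
        *[!A-Za-z0-9._/-]*) return 1 ;;      # strict character allowlist
    esac
    return 0
}

# sshd places the command the client requested in SSH_ORIGINAL_COMMAND.
# If it is unset (interactive login attempt) nothing runs and the session ends.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if check_backup_command "$SSH_ORIGINAL_COMMAND"; then
        # Word-splitting is safe here: every character was validated above.
        exec $SSH_ORIGINAL_COMMAND
    fi
    logger -t backup-only "rejected: $SSH_ORIGINAL_COMMAND"
    echo "command not permitted" >&2
    exit 1
fi
```

With this in place a stolen passwordless key can still upload files into the backup directory, but it cannot open a shell, forward ports or run other commands on the backup server.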