|
|
|
|
|
|
by VitalKoshalew
1126 days ago
|
|
|
From my experience, almost nobody fully understands proper public key distribution practices. Usually, it all ends with "Please find my public key attached to this e-mail." - "Imported. You can log in." No fingerprint check via different means of communication (e.g. over phone) etc. I can imagine a scenario of an attacker being able to intercept and substitute such e-mail with an identical one that just has the attached public key modified to include the backdoor "command=" modification. There may be numerous other scenarios such as substituting a public key in a shared public key storage/database. Public keys are often treated as something totally harmless. It's assumed that the worst case scenario is that SSH connection will just fail if a public key was tampered with unless an attacker is also able to intercept and proxy actual SSH connection in real time (which is much more complex and much less feasible). The attack described should be taken very seriously. Entities that have shared public key repositories may need to review their practices and include an automatic check for "command=" in the public keys uploaded. Of course, proper procedures on SSH server end (such as visually inspecting a key before installing it while confirming the fingerprint over a different medium) should already prevent this attack from succeeding, but they likely rely on additional human intervention which is not always done in real life. |
|
|
The advantage of this method is that it works without supervision. If the attacker just replaced the key, they would have to attempt to login in the narrow window between installation and it being replaced because it does not work.