-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Wed, Jun 22, 2005 at 04:30:56PM -0700, Joseph Mocker wrote:

It depends on how the machine were broken. Presumably if you were that hell-bent on using passprhases on private keys, you'd likely isolate stunnel to run as an unpriviledged user in a chrooted

That is a good idea anyway :)

environment, and you may very well set the coredump size to zero and remove a debugger all together. So unless the user was able to break root, the effects of the break-in might be minimized.

Private key stealing table: * the key and the plain text file, holding the password (if any) should always be chown root and chmod 400 * stunnel is the (unprivileged) user stunnel is running as * we assume that stunnel is running at the time of breakage, because this is the worst case.

key storage \ break as root stunnel other user - --------------------------------------------------------------------------- 1. unencrypted key YES YES NO

2. crypted key/password in text file YES YES NO

3. crypted key/password entered at startup YES YES NO - ---------------------------------------------------------------------------

As we see there is no difference if the private key will be kept crypted or unencrypted with or without text file holding the passphrase.

What happens if the stunnel daemon is not running during the breakage? Note that this is an optimistic suggestion and we should not rely on it.

key storage \ break as root stunnel other user - --------------------------------------------------------------------------- 1. unencrypted key YES NO NO

2. crypted key/password in text file YES NO NO

3. crypted key/password entered at startup NO NO NO - ---------------------------------------------------------------------------

So the only difference in all cases is if stunnel is not running and the hacker gets root on the machine and the key is crypted and the password is entered at startup - then it will not be possible to steal the private key.

As a conclusion, it is obviously - that there is really no sense to keep the password in a text file and it makes a LITTLE sense if the password is entered at startup - in just one, rare, case this setup will save the private key.