[stunnel-users] Passphrase validation

Vasil Dimov vd at datamax.bg
Thu Jun 23 10:24:49 CEST 2005



On Wed, Jun 22, 2005 at 04:30:56PM -0700, Joseph Mocker wrote:
> 
> It depends on how the machine were broken. Presumably if you
> were that hell-bent on using passphrases on private keys, you'd
> likely isolate stunnel to run as an unprivileged user in a chrooted
That is a good idea anyway :)

> environment, and you may very well set the coredump size to zero
> and remove a debugger all together. So unless the user was able
> to break root, the effects of the break-in might be minimized.

Private key stealing table:
* the key and the plain-text file holding the password (if any)
  should always be chown root and chmod 400
* stunnel is the (unprivileged) user stunnel is running as
* we assume that stunnel is running at the time of breakage, because
  this is the worst case.

   key storage \ break as                         root  stunnel  other user
---------------------------------------------------------------------------
1. unencrypted key                                YES   YES      NO

2. crypted key/password in text file              YES   YES      NO

3. crypted key/password entered at startup        YES   YES      NO
---------------------------------------------------------------------------

As we see, there is no difference whether the private key is kept
encrypted or unencrypted, with or without a text file holding the passphrase.

What happens if the stunnel daemon is not running during the breakage?
Note that this is an optimistic suggestion and we should not rely on it.

   key storage \ break as                         root  stunnel  other user
---------------------------------------------------------------------------
1. unencrypted key                                YES   NO       NO

2. crypted key/password in text file              YES   NO       NO

3. crypted key/password entered at startup        NO    NO       NO
---------------------------------------------------------------------------

So the only difference in all these cases is when stunnel is not running,
the hacker gets root on the machine, the key is encrypted and the password
is entered at startup - then it will not be possible to steal the
private key.

In conclusion, it is obvious that there is really no sense in keeping
the password in a text file, and it makes LITTLE sense if the
password is entered at startup - in just one, rare, case this setup
will save the private key.

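The preconditions the post's tables rest on (key and passphrase file owned by root with mode 400, core dumps disabled) can be checked rather than assumed. The script below is an added example, not part of the original message or of stunnel; the file path is whatever you pass in, and the optional UID argument exists only so the check can be exercised as a non-root user.

```shell
#!/bin/sh
# file_mode_uid FILE -> prints "<octal mode> <owner uid>", trying GNU stat
# first and falling back to BSD stat.
file_mode_uid() {
    stat -c '%a %u' "$1" 2>/dev/null || stat -f '%Lp %u' "$1"
}

# check_key_file FILE [UID]
# Returns 0 when FILE exists, is owned by UID (default 0 = root) and has
# mode exactly 0400, as the post requires for the key and the passphrase
# file; returns 1 and reports each violation on stderr otherwise.
check_key_file() {
    f=$1
    want_uid=${2:-0}
    [ -f "$f" ] || { echo "$f: missing or not a regular file" >&2; return 1; }
    set -- $(file_mode_uid "$f")
    mode=$1
    uid=$2
    rc=0
    [ "$uid" = "$want_uid" ] || { echo "$f: owner uid $uid, expected $want_uid" >&2; rc=1; }
    [ "$mode" = "400" ] || { echo "$f: mode $mode, expected 400" >&2; rc=1; }
    return $rc
}

# check_coredump_disabled -> 0 when the soft core-file size limit of the
# current shell (inherited by anything it starts, e.g. stunnel) is zero.
check_coredump_disabled() {
    [ "$(ulimit -c)" = "0" ]
}

# Example run on the paths from a typical setup (placeholders, adjust them):
# check_key_file /etc/stunnel/stunnel.pem && echo "key file OK"
# check_key_file /etc/stunnel/passphrase.txt && echo "passphrase file OK"
# check_coredump_disabled && echo "core dumps disabled"
```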


