The security dilemma, carrying keys on your phone.

May 15, 2010 by ciemon · 5 Comments 

For at least 6 months I’ve been waiting to get a new phone; with Android being the obvious option and the HTC Desire fitting the bill perfectly, it arrived yesterday.

One thing that my HTC TyTn-II and Windows Mobile didn’t do too well was ssh; tiny screen, tiny keys, tiny text made it hard, and the fact that it mashed byobu when I did manage to log in meant that I really didn’t use it.

But there are none of those problems with the new phone.

I’ll be carrying my private ssh key on my phone, with my pgp key too, or should I say that I’m considering it. I guess that I’m not comfortable with having those keys in an unencrypted state on a device that can be easily lost, effectively compromising everything that I use the keys with. Right, before panic sets in, what’s the risk?

I think there are two: unknown loss of the keys and known loss of the keys.

Unknown loss of the keys, done whilst the phone isn’t in my pocket, is certainly the worst case, because I’d be unaware of the compromise. If I know I’ve lost the keys then I can revoke and replace them in accordance with my plan (once I’ve written it). Of course I don’t just use my keys on personal work, and so this is a real risk, not just geek panic.

So how do I solve this problem? Is there an application to encrypt my SD card, or the files on it?


Comments

5 Responses to “The security dilemma, carrying keys on your phone.”
  1. Hugo says:

    I’ve considered exactly the same questions for some time, concerning laptops. Although, with my N900, it’s also a concern for my phone now. I decided that I didn’t want keys floating around where they can be physically compromised, so I don’t keep ssh keys on laptops or my phone, and I use reasonably good passwords instead. Of course, this opens up the possibility of someone brute-forcing my publicly visible accounts, but from the look of it, that’s not a common attack method. (More likely, from looking at my system logs, is a scattergun approach with a few very simple common passwords, looking for an account name to open up.)

    For laptops at least, you should be able to protect your keys with a passphrase, which narrows the attack surface for brute-forcing down to having access to the machine. Does your phone’s ssh app have the ability to apply a passphrase to the key?

  2. ciemon says:

    I’m trying out Android Privacy Guard http://www.thialfihar.org/projects/apg/ for pgp and it certainly does have passphrase support, so much so that I have to enter it twice to encrypt with the secret key. It also hooks into email rather well, and so pgp seems to be covered now.

  3. Kirrus says:

    Excuse my ignorance, but would the key’s own passphrase (assuming you gave it one) protect it from abuse? As long as you didn’t use ssh-agents, of course?

    I’d always recommend pin-locking a phone. Not that it does much good, but it’s better than a kick in the teeth.

  4. Graham Bleach says:

    Firstly, by using keys you are improving the security of the destination systems. All my public-facing systems have sshd configured with password authentication turned off, because I then don’t need to worry about brute force attacks against passwords.

    Secondly, I generate a new keypair for each device and this gives me two advantages: I don’t necessarily need to give each device access to all my systems and I can revoke a key as soon as I think it may be compromised.

    Finally, all my keys are secured with passphrases and on systems where the credentials are stored in memory for convenience I try to ensure that they expire eventually. For example, on work machines, I generally use the -t flag to ssh-add to set an 8 hour timeout. That way, there’s a limited exposure if someone does gain access to a running machine. It also reminds me when I’ve finished my working day: ssh starts asking for a passphrase :)

    My main worry about the ssh clients on Android is that none of them seem to come from a source that I trust and none seem to have undergone any sort of security audit.
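Two of the points raised in this thread can be checked mechanically before a key ever goes near a phone: is the private key actually passphrase-protected at rest (ciemon’s worry about unencrypted keys, Hugo’s and Kirrus’s question), and does the destination sshd really refuse passwords (Graham’s first point). The script below is an added example written for this page, not code from the post, its commenters, or OpenSSH itself. It handles both on-disk formats OpenSSH has used: the legacy PEM files that ssh-keygen produced at the time of this post, where an encrypted key carries a `Proc-Type: 4,ENCRYPTED` header, and the later `openssh-key-v1` container, where the cipher name `none` means no passphrase. The sample keys and sshd_config fragments are constructed for illustration and are not real keys.

```python
import base64
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"


def _read_string(blob, offset):
    """Read one SSH wire-format string (uint32 length + bytes) from blob."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    offset += 4
    if offset + length > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset:offset + length], offset + length


def private_key_is_encrypted(pem_text):
    """Return True if the private key is passphrase-protected at rest.

    Legacy PEM keys announce encryption with a 'Proc-Type: 4,ENCRYPTED'
    header; openssh-key-v1 keys store the cipher name right after the magic,
    and 'none' means the key material is stored in the clear.
    Raises ValueError for anything that is not a recognisable private key.
    """
    lines = [l.strip() for l in pem_text.strip().splitlines() if l.strip()]
    if len(lines) < 2 or not lines[0].startswith("-----BEGIN ") \
            or not lines[-1].startswith("-----END "):
        raise ValueError("not a PEM-armoured private key")
    header, body = lines[0], lines[1:-1]

    if header == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(body))
        if not blob.startswith(OPENSSH_MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, _ = _read_string(blob, len(OPENSSH_MAGIC))
        return cipher != b"none"

    if "PRIVATE KEY" in header:
        # Legacy PEM: RFC 1421 headers sit before the base64 body.
        return any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in body)

    raise ValueError("unrecognised PEM type: %s" % header)


def sshd_password_auth_disabled(config_text):
    """Return True if sshd_config explicitly sets 'PasswordAuthentication no'.

    sshd honours the first occurrence of a keyword and ignores later ones, and
    the compiled-in default is 'yes', so a missing directive counts as enabled.
    Match blocks are not modelled here (constructed simplification).
    """
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "passwordauthentication":
            return parts[1].strip().lower() == "no"
    return False


# --- constructed sample inputs (not real keys) ------------------------------

def _openssh_blob(cipher, kdf):
    """Build just the openssh-key-v1 header fields the checker reads."""
    def s(b):
        return struct.pack(">I", len(b)) + b
    return OPENSSH_MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1)


def _armor(label, blob):
    b64 = base64.b64encode(blob).decode()
    wrapped = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, wrapped, label)


SAMPLE_UNENCRYPTED_V1 = _armor("OPENSSH PRIVATE KEY", _openssh_blob(b"none", b"none"))
SAMPLE_ENCRYPTED_V1 = _armor("OPENSSH PRIVATE KEY", _openssh_blob(b"aes256-ctr", b"bcrypt"))
SAMPLE_ENCRYPTED_PEM = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF

QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
-----END RSA PRIVATE KEY-----
"""
SAMPLE_UNENCRYPTED_PEM = """-----BEGIN RSA PRIVATE KEY-----
QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for name, key in [("phone-legacy", SAMPLE_UNENCRYPTED_PEM),
                      ("phone-v1", SAMPLE_ENCRYPTED_V1)]:
        state = "ok" if private_key_is_encrypted(key) else "UNENCRYPTED - do not copy to device"
        print("%-14s %s" % (name, state))
    print("sshd passwords off:", sshd_password_auth_disabled("PasswordAuthentication no\n"))
```

Run `private_key_is_encrypted` over every key you intend to copy to a device and refuse anything that comes back False. On the server side, remember that `PasswordAuthentication no` alone does not rule out password-style logins through PAM (`ChallengeResponseAuthentication`, later `KbdInteractiveAuthentication`), so audit those directives as well.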

  5. Jon Reynolds says:

    Hi Ciemon,

    I have a Desire too, slightly a side note, but how do you manage with typing in an SSH client?

    I use ConnectBot but I have yet to find a decent keyboard to get all the special keys, such as Alt, Ctrl, Esc etc….

    I know there are shortcuts with the Android keypad, such as Joypad button press then ‘i’ is tab, but oh for a qwerty keyboard like on the WinMob devices which had Tab, Alt, Ctrl etc…

    Jon
