[Cryptography] Applying the Mesh to do SSH really right

Howard Chu hyc at symas.com
Tue Oct 26 21:15:47 EDT 2021

Phillip Hallam-Baker wrote:
> On Tue, Oct 26, 2021 at 3:22 AM Howard Chu <hyc at symas.com <mailto:hyc at symas.com>> wrote:
>     Phillip Hallam-Baker wrote:
>     > On Sun, Oct 24, 2021 at 8:40 AM Howard Chu <hyc at symas.com <mailto:hyc at symas.com> <mailto:hyc at symas.com <mailto:hyc at symas.com>>> wrote:
>     >
>     >     Phillip Hallam-Baker wrote:
>     >     > April King started a thread on Twitter about how to use SSH in the enterprise: Why aren't people using the SSH PKI, why do people roll their own key
>     >     > provisioning scripts knowing these are almost certain to be disaster areas?
>     >
>     >     Good question. Pretty much every pain point you outline here is already solved in enterprises by LDAP.
>     >     Rolling any other solutions just sounds like pointless protocol proliferation.
>     >
>     >
>     > Since a major concern I raised was insider threat and since LDAP is a single point of trust, I fail to see how LDAP is remotely relevant.
>     You cannot eliminate that central point. You have to give someone authority to terminate
>     or disable an employee's access. Anyone who can do so can also reset their credentials.
> Yet the Mesh does exactly that. It is a Threshold Key Infrastructure.

So how does this Mesh infrastructure solve the problem of HR staff needing to be able to provision and
de-provision accounts for hiring/firing employees, without allowing them to set arbitrary creds
on those accounts?

> LDAP was a less bad version of X.500 (mostly) developed by Netscape in the 1990s. I am very familiar with it.

You're very familiar with it you say, but no, it was developed mostly at University of Michigan. By 4 of my colleagues
there in fact. They only went on to be hired by Netscape after they had already developed a working implementation.

> But it's primary function was to support the
> enterprise X.509/PKIX systems being developed by VeriSign and Entrust. And even then, it was more of a liability than an asset.>  
>     > LDAP does not address the private key management either. All it does is provide one means of distributing certs.
>     That is false. It can also be used to securely distribute the private keys. Painlessly,
>     as demonstrated here https://twitter.com/hyc_symas/status/851170944345407488
> So now you are generating private keys and distributing them to devices. What is the security model here? How do you authenticate the requests?
> If your answer is 'plaintext password to the LDAP directory' then all you have managed is a downgrade attack reducing a public key authentication system to a
> password based one.

You have to bootstrap somehow, if you never used any form of PKI at all before. Once users are
enrolled you can remove/disable their old passwords.

>     > I have never understood what advantage LDAP was
>     > supposed to have over some HTTP scheme for that.
>     The simple fact that LDAP implementations already come with mature security models with
>     fine grained authorization and distributed administration makes it far more suitable than
>     an arbitrary scheme cooked up over HTTP.
> So we should give up on computer security research, the problem is already solved. The fact there is a major breach every week must be an illusion.

Those major breaches every week seem by and large to be happening to systems built on newer/
immature technologies. Plenty of reports about insecure MongoDB installations and other NoSQL
systems - which have no security model to speak of, and ship with wide open access permissions.
Similar for SQL / RDBMSs. I can't actually find any reports of an OpenLDAP based system being
breached in the past decade or more. Plenty of MSAD breaches too but that's just Microsoft, no
news there.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the cryptography mailing list