Trusted Platform Module/SSH
A TPM can be used to store SSH private keys, making them harder to steal. This mechanism is much more secure than using filesystem permissions, and is comparable in security to encrypting the keyfile, with different considerations.
SSH can be configured to read PKCS 11 keys from the TPM using libtpm_pkcs11.
Installation
USE Flags
USE flags for net-misc/openssh Port of OpenBSD's free SSH release
+pie
|
Build programs as Position Independent Executables (a security hardening technique) |
+ssl
|
Enable additional crypto algorithms via OpenSSL |
audit
|
Enable support for Linux audit subsystem using sys-process/audit |
debug
|
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces |
kerberos
|
Add kerberos support |
ldns
|
Use LDNS for DNSSEC/SSHFP validation. |
legacy-ciphers
|
Enable support for deprecated, soon-to-be-dropped DSA keys. See https://marc.info/?l=openssh-unix-dev>m=170494903207436>w=2. |
libedit
|
Use the libedit library (replacement for readline) |
livecd
|
Enable root password logins for live-cd environment. |
pam
|
Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip |
security-key
|
Include builtin U2F/FIDO support |
selinux
|
!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur |
static
|
!!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically |
test
|
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
verify-sig
|
Verify upstream signatures on distfiles |
xmss
|
Enable XMSS post-quantum authentication algorithm |
USE flags for app-crypt/tpm2-pkcs11 A PKCS#11 interface for TPM2 hardware
USE flags for app-crypt/tpm2-tss TCG Trusted Platform Module 2.0 Software Stack
+fapi
|
Enable feature API (requires openssl as crypto backend) |
+openssl
|
Use dev-libs/openssl as crypto engine |
+policy
|
Enable policy library (requires openssl as crypto backend) |
doc
|
Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally |
mbedtls
|
Use net-libs/mbedtls as crypto engine |
static-libs
|
Build static versions of dynamic libraries as well |
test
|
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
Emerge
root #
emerge --ask app-crypt/tpm2-pkcs11
root #
emerge --ask app-crypt/tpm2-tss
root #
emerge --ask net-misc/openssh
root #
emerge --ask sys-apps/dbus
Configuration
Service
OpenRC
Add dbus and tpm2-abrmd to the default runlevel on OpenRC systems:
root #
rc-update add dbus default
root #
rc-update add tpm2-abrmd default
root #
rc-service dbus start
root #
rc-service tpm2-abrmd start
User groups
Users must be added to the tss group to use the TPM's stored keys:
root #
gpasswd -a larry tss
Key Creation
Then, as the user, create a new primary, token & private key. There is debate about whether it is better to create the private key in software and import it (easier to audit and trust the creation). Or create the private key on the TPM so it never touches the disk. For this example, create the private key via the TPM.
user $
tpm2_ptool init
user $
tpm2_ptool addtoken --pid=1 --label=ssh --userpin=PasswordRequiredToUsekey --sopin=AdminPasswordForUncommonModifications
user $
tpm2_ptool addkey --label=ssh --userpin=PasswordrequiredToUseKey --algorithm=ecc256
RSA and different key sizes are available. Find a complete list in the source.
It's possible to set --userpin=""
to mimic the behavior of an SSH key that doesn't have password protection. But leaving it empty means the physical theft of the computer can allow an attacker to use the SSH private key through possession of the TPM alone. Setting a password achieves two factors of authentication, something you have (TPM) and something you know (password).
SSH
Using the TPM by default
To configure SSH to try to use TPM keys by default:
PKCS11Provider /usr/lib64/pkcs11/libtpm2_pkcs11.so
This directive could also be added to specific hosts like:
Host ExampleHost
Hostname 127.0.0.1
PKCS11Provider /usr/lib64/pkcs11/libtpm2_pkcs11.so
Usage
Reading public keys
To retrieve the public key from the TPM, run:
user $
ssh-keygen -D /usr/lib64/pkcs11/libtpm2_pkcs11.so
These key fingerprints can be copied to the ~/.ssh/authorized_keys file like with other SSH keys.
At this time, ssh-copy-id does not work with libtpm2_pkcs11.so.
Using keys
To use the TPM key for a single SSH connection:
user $
ssh -I /usr/lib64/pkcs11/libtpm2_pkcs11.so user@remote.host.tld
SSH agent
To load the key into the SSH agent:
user $
ssh-add -s /usr/lib64/pkcs11/libtpm2_pkcs11.so
This command is necessary every time the system reboots or the ssh-agent session expires, if configured to expire.
Signing Git commits with ssh-agent
Load your key into SSH agent (if you haven't already)
user $
ssh-add -s /usr/lib64/pkcs11/libtpm2_pkcs11.so
Copy your SSH public key to disk
user $
ssh-keygen -D /usr/lib64/pkcs11/libtpm2_pkcs11.so > ~/.ssh/tpm_key.pub
Within your git repo run
user $
git config gpg.format ssh
user $
git config user.signingkey ~/.ssh/tpm_key.pub
Optionally, to sign all commits instead of commit -S
only.
user $
git config commit.gpgsign true
You can use
git config --global
to apply any of these settings to all repos, instead of just the current one.See Also
- SSH — the ubiquitous tool for logging into and working on remote machines securely.
- YubiKey/SSH — YubiKeys can be configured to authenticate SSH connections