Hi Jonathan,
On Wed, 03 Jul 2019 at 11:07:11 +0200, Jonathan Carter wrote:
> weasel has also pointed out to me that the open permissions may also be
> a problem for dropbear users who's initramfs host private key can easily
> be spoofed by anyone who can read the initramfs, so I do believe that
> this is worth some attention right now.
The ‘dropbear-initramfs’ package installs a file /usr/share/initramfs-tools/conf-hooks.d/dropbear
containing the following the following snippet [0]:
# Set the umask value of the generated initramfs file to avoid
# disclosing SSH host keys.
UMASK=0077
‘cryptsetup-initramfs’ currently doesn't do that automatically, as it's
only needed for particular setups, when key material is copied to the
initramfs image. However the hook aborts (i.e. and no initramfs is
built) when the ‘KEYFILE_PATTERN’ variable is set to a non-empty value [1].
Cf. also https://bugs.debian.org/767448#15 .
Cheers,
--
Guilhem.
[0] https://salsa.debian.org/debian/dropbear/blob/master/debian/initramfs/dropbear-hook-conf
[1] https://salsa.debian.org/cryptsetup-team/cryptsetup/blob/debian/2%252.1.0-5/debian/initramfs/hooks/cryptroot#L397
Attachment:
signature.asc
Description: PGP signature