Keep SSH Sessions Active, Or Reconnect?

borjonx writes "Is it safer to log out of an SSH session, and re-establish it later, or just keep the connection open? Like many of you, I use OpenSSH to connect to my Slackware Linux boxes remotely from Linux and WinXP (putty.exe) clients. At home and at work, I wonder if it would be safer to just leave the connection open (my clients are physically secured, the servers limit connections with hosts.allow). Is it more secure to re-establish the connection over an insecure link (big bad internet) where people can sniff that handshaking, or is it more secure to just remain connected? I connect 1 to 4 times per day, most days."

screen

[Singularity42]

Just use the program, "screen", if you want to resume your sessions.

Re:screen

[flydpnkrtn]

Just use the program, "screen", if you want to resume your sessions.

That's not what he's asking though... "Is it more secure to re-establish the connection over an insecure link (big bad internet) where people can sniff that handshaking, or is it more secure to just remain connected?"

With a tinfoil hat on, he's asking if it's OK for the OpenSSH handshake to be happening 1-4 times per day across the big bad interwebs (traffic that could potentially be sniffed). He's not asking how to maintain sessions even if ssh itself is disconnected (which is what screen gives you)

Re:screen

[MightyMartian]

I actually use screen a lot, particularly when I'm doing big compiles or other operations that are going to be going on for a while. Particularly when I'm working from home, I've been nailed by way too many spurious disconnects. Screen is an awesome little program. I use it when I'm coding in the shell, I can flip between screens a lot faster than I can through any GUI.

Re:screen

[StudMuffin]

http://www.ubuntu.com/usn/usn-370-1

Burned by that. Prolly fixed now, but that doesn't mean I am eager to resume :D Call me old fashioned.

Re:screen

[flydpnkrtn]

"cstone and Rich Felker discovered a programming error in the UTF8 string handling code of "screen" leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code."

Wow.... ouch. Especially on a shared host with random other people you don't know...

OpenVZ VPS's for the win! It's your own personal "box" effectively

Re:screen

[sopssa]

Exactly.

The only thing we can say here is that if your computer is physically secured (you can log out to login screen and leave the sessions running, and encrypt your hdds), it doesn't matter if you leave your session running or not. Your ISP can't "sniff that handshaking" and go on without you getting a security warning. If you do, you just wont accept the connection and try to solve what's going on. Just remember to log out after leaving from computer.

If NSA or some other organization had a way to break into your SSH session and they cared to use it against you (with the risk of that info leaking), then you have much larger problems than worrying about if you should leave ssh sessions open or reconnect.

Re:screen

[yincrash]

you could use a key pair to login rather than a password. then keep the key on physically secured usb storage. that would prevent any password issue.

Re:screen

[zippthorne]

There is no need to be entering your password in every time. If you're logging in frequently, see man pages for ssh-agent, ssh-keygen, and ssh-add.

It's not that difficult to set up, although the first time takes few minutes to understand. Your OS may also have integration into its keychain, depending on what you're using.

Re:screen

[mysidia]

RTFM.

That's why you set a screen password. Control + A, : password ENTER

The attach cannot proceed without typing the password. The password cannot be changed (for an already running session) without attaching first.

From the screen man page:

password [crypted_pw] Present a crypted password in your ".screenrc" file and screen will ask for it, whenever someone attempts to resume a detached. This is useful if you have privileged programs running under screen and you want to protect your session from reattach attempts by another user masquerad- ing as your uid (i.e. any superuser.) If no crypted password is speci- fied, screen prompts twice for typing a password and places its encryp- tion in the paste buffer. Default is `none', this disables password checking.

Re:screen

[Antique+Geekmeister]

The ability to read your sockets, directly, to steal the passphrase requires access during that action, with root privileges. It also requires a bit of programming knowledge. Conversely, the ssh-agent access merely requires stolen user level privileges at any time during the period that you have the agent loaded up. It's the difference between picking a lock, and looking under the doormat for the key the owner left there.

A similar issue occurs with administratively privileged sessions without a screen locked, but this is exacerbated by the casual handling of $HOME contents in numerous working environments.

Re:screen

I'm only posting anonymously because I moderated already. But I've thought about this problem also, and it comes down to user education, including admin superusers. One rule we have at our company is you su to root first before using the root user in a screen session. This way you have to be root in order to attach to the session, meaning that you already have the privilege of running as root.
You can also add a session password to screen for added security so even other members of root cannot attach.

In other words, if you have to keep root open in a screen su to root first before using screen.

 

Re:screen

Try tmux instead of screen. I've found it to be more robust and intuitive, probably by virtue of not being GNU.

You're probably not that special..

[Anrego]

Seriously..

The minor advantage over one or the other is moot.. because unless you've got something of actual importance (in which case it shouldn't be on your home computer) no one is going to go through the bother of trying to break in either way.

If someone wants whats on your computer.. they'll probably just grab you and beat you to a pulp until you give them your password.

Wat

[sakdoctor]

What gives you the impression that the key-exchange in SSH is vulnerable?
The short answer is: Whatever.

http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange

Re:Wat

[xZgf6xHx2uhoAj9D]

More to the point (since basic Diffie-Hellman is vulnerable to man-in-the-middle attacks), if you already have the "fingerprint" stored for your home machine, that really can't be faked, so you're safe. If you're not storing the "fingerprint" (why not?) then, well, why would anyone do that?

Re:Wat

[hunteke]

What gives you the impression that the key-exchange in SSH is vulnerable?

Answer: The key-exchange is not vulnerable. However, there is an issue the first time you connect to one host from the other. That initial message that most people ignore is a possible MITM (Man in the Middle) avenue a cracker could harness.

Example message:

The authenticity of host 'ssh.example.com (123.234.123.234)' can't be established.
RSA key fingerprint is 96:21:c3:32:3d:cc:18:d5:53:6a:d4:0d:0d:73:c6:1a.
Are you sure you want to continue connecting (yes/no)?

While giving the password to the remote server for authentication may be secure, unless you've verified that fingerprint, you don't know to whom you're talking. That is, when you connect the first time, and you blindly accept that fingerprint, if it's a cracker, you are literally typing your password to the rogue machine (that would then turn around and log in "as you" to the real machine).

Ideally, you would to verify that fingerprint with a version you get through alternate, presumably secure, means. E.g. an over-the-phone conversation with an administrator, or physically accessing the work system and writing it down, or (temporarily) connecting directly to the server with a cross-over cable.

Re:Wat

[palegray.net]

Precisely. On a Linode Linux VPS, for example, this can be accomplished via the console using the following command:

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub

Re:Wat

[jroysdon]

The solution to the first-time key exchange is SSHFP + DNSSEC.

Always mitigate against the most likely risk

[pthisis]

Is it safer to log out of an SSH session, and re-establish it later, or just keep the connection open?

Breaking the crypto is almost assuredly not the weakest point in your connection. I'd stay connected, since by far the biggest danger is user errors: you accidentally connecting to the wrong serves, ignoring a cert change alert or something else boneheaded.

Assuming you're not using SSH1, the client and server should periodically regenerate session keys, so it's not like you'll be encrypting vast sessions with just one key (not that this is likely to be the biggest point of failure in your system even without re-keying).

Re:Always mitigate against the most likely risk

[fm6]

I'd stay connected, since by far the biggest danger is user errors: you accidentally connecting to the wrong serves, ignoring a cert change alert or something else boneheaded.

User error isn't merely the biggest danger. If you count social engineering exploits and sloppy procedures as "user error" than user error accounts for almost all exploits. Mathematical exploits are few and far between — "breaking the code" is something that pretty much happens only in bad spy movies.

(And yes, I know how Blechley Park "broke" Enigma. Except Enigma was never broken. Sloppy procedures by Axis radio operators made the code less secure than it should have been. As it was, they needed brilliant mathematics, early computers, and a lot of luck to even read a small portion of Enigma traffic.)

But why is connecting to the wrong machine a security breach? Because you're sending your password to somebody that shouldn't have it? Passwords themselves are poor security — nobody can remember all the passwords they need to use, and the usual methods of recording them (like the post-it attached to the monitor) are horribly insecure. If you're paranoid enough to use SSH, you should be using SSH's public key authentication.

Neither

[nacturation]

Both the persistent connection and the handshake protocol to establish a new connection are completely secure for any practical purpose. If both the server and the client are completely secure, and the connection between them is secure (via strong crypto in ssh) then pick whichever method works best for you.

Re:Reconnect.

[pthisis]

SSH doesn't use SSL, and SSHv2 has provisions for rekeying even during a single connection.

gnu screen

[laktech]

I find using the screen to manage my many simultaneous SSH sessions extremely helpful. This tool is so useful it's on the same level as Adblock is to Firefox. With this tool, the reconnect/connect issue is a moot point.

Re:Anonymous Coward

[dougmc]

Well, yes and no.

It gives the hacker more chances to sniff the connection, but less time to decrypt whatever was sniffed during the beginning of a connection and use it to take over the connection.

It could go either way, depending on whatever vulnerabilities may be found in OpenSSH in the future (or are already known, but not public knowledge.)

Personally, I'd think that going for more, shorter lasting connections would be safer than fewer, longer lasting ones, simply because if they can figure out your password from the key exchange, they can probably do it every time, so it doesn't matter if it's one or many times -- they go it. Of course, this assumes a future vulnerability ...

How safe is your box?

[gmuslera]

If you assume that the remote server is safe, and the communication is safe, then the risk could be at your own box.
Forgetting to set even a screensaver with password in a place where are more people (i.e. kids, or in an office ) or even not people (dont think a cat could hit rm -rf, but is your server, not mine) could make a difference in that question. Could be also an hypotetical risk of some rogue app/trojan (?) sending events to the window that have the ssh session too, but odds are somewhat low.

Key Fingerprint

[phantomcircuit]

the only thing that is important is that you verify the public key fingerprint presented by your server to prevent MITM attacks. Aside from that there is absolutely no reason to believe the ssh protocol itself has been broken.

Re:Don't leave your computer turned on.

[gregben]

If your computer is turned off, lightning isn't blowing through the ground line of your UPS like a knife through butter and turning your motherboard into a campfire.

No. The easy, safe, way to protect against lightning strikes is to turn off and unplug the computer so there is no conductive path into it.

Re:Reconnect.

Not really, SSL and SSH uses the DH handshake differently. SSL performs all sort of craziness where you select different chipers, sizes and wheter to encrypt at all. SSH does not.

Re:One Way to Prevent Session Hijacking

[Vairon]

The ask slashdot article is about SSH NOT SSL. Session hijacking has nothing to do with SSH.

Re:Better to disconnect

[mysidia]

The short of it is you need to be the only Administrator of your workstation, in order to really have a connection to the Unix servers that you can verify the security of. You are most "secure" with a standalone workstation, having Windows Firewall enabled, no exceptions enabled, no domain membership, forceGuest set to on, and passwords required for all local access.

If your organization requires security of the servers, then ensuring no untrusted admin has the technical ability to screw with workstations is critical.

Just because a naive Windows admin doesn't have a simple way of shadowing your session, doesn't mean it is at all hard.

One group policy setting to deploy "compliance software" such as 3AMI/MAS Employee Monitoring Software, with keylogging enabled, and.. suddenly your SSH sessions and passwords aren't so secure... Oh, that's just the legal route. Of course, "trojans" or some $5 keylogger can be deployed too, from a system management console, and configured via enforced registry settings.

If you have software installed by someone else, OR someone else has a valid login to your workstation, OR your computer is a member of a Windows domain, then someone else can run software on your computer, and they can also change the configuration to enable them to shadow your session.

And yes, most shrink-wrapped management software provide a way to do this. Typically, the technology used is VNC, TightVNC, or UltraVNC.

There are also some commercial software (remote access) products that do this.

Most management software allow the running of arbitrary remote programs. It is trivial to deploy registry settings and software via group policy or remote IPC access, from a domain computer.

Tools included with Windows Server and available through SYSINTERNALs allow this without buying any management suite.

But DameWare, Hyena SystemTools, Purgos, ScriptLogic, LANRev, ZENWorks, IBM Director, all provide point-and-click interfaces to do this sort of thing.

The management software itself may provide a simple "one-click link" to quietly shadow your session.

Re:Better to disconnect

[mysidia]

Addendum: embarrassed that I mentioned UltraVNC without also mentioning Timbuktu can be made to do this.

VNC normally displays a little icon in the taskbar, but a simple registry setting pushed via login script or group policy can hide it.

It can also be easily hidden in task manager/process viewer, through other methods, I won't mention, because they are easily abusable tricks I don't wish to encourage, not documented anywhere, and relatively unknown to most developers and to the community. But also not hard to figure out: so, you don't need other people having access to your computer if you want anything close to a security guarantee, you must fully and properly administer and secure your workstations yourself (or have someone trusted due that, without lending access to a large population of admins via domain or central management).

Re:OK, I grant that you did say "theoretically", b

[mysidia]

They don't have to crack DHE in general, all they need to crack is diffie-hellman-group1-sha1.

Since a fixed DH group is used, this could be attacked through precomputing many values for the discrete logarithm.

If the key negotiation happens to fall into one of the precomputed values, then that session is in trouble.

Solving the wrong problem.

[1s44c]

I use OpenSSH to connect to my Slackware Linux boxes remotely from Linux and WinXP (putty.exe) clients.

You are fixing a non-problem. You should be fixing the weakest point of attack first, that being the windows machine you are connecting from.

Edumacation

[Fizzl]

Read the big red book "Applied Cryptography: Protocols, Algorithms, and Source Code in C". http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099/ref=sr_1_1?ie=UTF8&s=books&qid=1265363727&sr=8-1 Highly recommended to anyone who uses public key encryption or needs to implement VPN's, mail encryption or tunnels.

In essence, no it doesn't make any difference. However, if for example you application would communicate short commands often through public key encryption it would be more economical to use persistent connections instead of making new connections all the time. Key generation is Expensive.

Also, in you situation, just use screen.

How in the hell does retarded 'ask slashdots' make the front page, but not my submission of http://itpomminpurkaja.blogspot.com/2010/02/css-anchor-pseudo-class-concerns.html and http://www.fizzl.net/ for which I actually expended some effort to create.

Re:Man-in-the-middle?

[MoralHazard]

Your concerns are irrelevant, here. SSH fingerprints make man-in-the-middle attacks effectively impossible, as long as the user doesn't habitually ignore the (rather obvious) messages and errors when keys change. I don't know about you, but I have a hard time glossing over a message like "KEY CHANGED--SOMEBODY COULD BE TRYING TO BREAK IN!" and the subsequent error.

The initial "unknown key" error message isn't quite as loud, and lots of people don't bother validating key fingerprints, but that doesn't matter because initial connections aren't the scenario we're discussing, here. Whether the use decides to make new connections or keep existing ones open, he's already approved the key fingerprints during a previous connection.