Twitter | Search | |
Raphael Carvalho
just found out that doesn't use DIRECT IO to open *.pem, which means private key goes to page cache, which means attacker may exploit meltdown to discover your private key. I may come up with a POC. Watch it!
Reply Retweet Like More
Cliff O'Sullivan Jan 6
Replying to @raphael_scarv
Thanks for sharing
Reply Retweet Like
Raphael Carvalho Jan 6
Replying to @raphael_scarv
BTW, I'm basing my work on a tool I created which exploits to determine whether or not host is affected by the vulnerability, follow it:
Reply Retweet Like
Péricles L. Machado Jan 6
Replying to @raphael_scarv
Did you try violate the virtual machine encapsulation? Or try to access the host machine from a LXC or docker?
Reply Retweet Like
Raphael Carvalho Jan 6
Replying to @_pmachado_
Pericles, not yet, but reading the papers and docs out there, I have seen security researchers saying they can inspect data of other guests in a shared tenant environment in the cloud
Reply Retweet Like
Dick Morrell Jan 6
Raphael keep up the good work
Reply Retweet Like
Raphael Carvalho Jan 6
thanks, Dick!
Reply Retweet Like
Crypto Pietje ⚡ [NO176] Jan 6
Replying to @raphael_scarv
Is this true for all SSH implementations or 'just' a specific one like OpenSSL?
Reply Retweet Like
locotx_ftw_2002 Jan 6
Replying to @raphael_scarv
Interesting.
Reply Retweet Like
Evan Klitzke Jan 6
Replying to @raphael_scarv
Really unfortunate that we live in a world where O_DIRECT can be considered a security measure.
Reply Retweet Like
Raphael Carvalho Jan 6
not sure about other implementations, but this one is pretty much used everywhere. We all trusted Intel when writing our software for proper isolation, and when that is broken, we're basically all doomed. We should patch our systems AS FAST AS POSSIBLE!
Reply Retweet Like
Joseph LeRoy Jan 7
Replying to @raphael_scarv
So from my understanding, anyone who shares the same physical system on a cloud provider (such as AWS) has the ability to read my SSH private key contents from memory?
Reply Retweet Like
Joseph LeRoy Jan 7
Replying to @raphael_scarv
In theory, they would be able to gain access to my system if they retrieved my private key. Ways to mitigate this would be to whitelist only certain IP addresses from logging in locally / remotely and setting up MFA. Does this sound correct?
Reply Retweet Like
Martin Sundhaug Jan 7
tbf, it's a bit hard to not trust your CPU
Reply Retweet Like
Martin Sundhaug Jan 7
It's like not trusting physics
Reply Retweet Like
Raphael Carvalho Jan 7
Replying to @raphael_scarv
For anyone interested, direct io (cache bypassing) would only tighten the time range the private key is vulnerable. In other words, private key would be vulnerable while ssh program is running, whereas right now private key is vulnerable while it is not purged from page cache.
Reply Retweet Like
Raphael Carvalho Jan 7
Replying to @josephbleroy
Don't know yet to which extent malicious guest sharing host could get into host's address space, but assuming it can read all kernel space, it has access to all RAM which is mapped in the kernel space, meaning your private key is vulnerable :-(
Reply Retweet Like
dnet Jan 7
Replying to @leyrer @raphael_scarv
when you have your private keys in *.pem files instead of dedicated HW (smart card, HSM), you have deeper issues
Reply Retweet Like
Gunstick Jan 7
While you are at it, how vulerable are keys in ssh-agent?
Reply Retweet Like