Package: dropbear
Version: 0.52-2
Severity: normal

the dropbear package takes pains to set up the initramfs with its own
host keys for remote boot.  This is good!

It also makes those host keys unreadable to non-root users.  This is
also good!

0 d...@pip:/tmp$ ls -l /etc/initramfs-tools/etc/dropbear/dropbear_*
-rw------- 1 root root 459 2009-07-08 00:08 /etc/initramfs-tools/etc/dropbear/dropbear_dss_host_key
-rw------- 1 root root 426 2009-07-08 00:08 /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key
0 d...@pip:/tmp$

However, using stock initramfs-tools, the keys then get placed into a
world-readable initramfs, allowing any account on the server to
extract the host keys directly:

0 d...@pip:/tmp$ mkdir -p etc/dropbear
0 d...@pip:/tmp$ zcat /boot/initrd.img-$(uname -r) | cpio --extract etc/dropbear/dropbear_{dss,rsa}_host_key
40323 blocks
0 d...@pip:/tmp$ ls -l etc/dropbear/
total 8
-rw------- 1 dkg dkg 459 2009-07-08 00:45 dropbear_dss_host_key
-rw------- 1 dkg dkg 426 2009-07-08 00:45 dropbear_rsa_host_key
0 d...@pip:/tmp$ 

This exposes the remote boot setup to a potential MITM attack by any
system user who cared to copy the host keys out of the initramfs
before the reboot and is able to intercept (or misroute) network
traffic.

One really bad outcome of this is that it could allow for sniffing of
the cryptoroot passphrases.

    --dkg

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-vserver-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages dropbear depends on:
ii  libc6                  2.9-12            GNU C Library: Shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-13 compression library - runtime

dropbear recommends no packages.

Versions of packages dropbear suggests:
ii  openssh-client         1:5.1p1-5.opensc1 secure shell client, an rlogin/rsh
ii  runit                  2.0.0-1           a UNIX init scheme with service su
ii  udev                   0.141-1           /dev/ and hotplug management daemo

-- no debconf information
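The check below is an added example for auditing this condition, not code from the bug report or from the dropbear or initramfs-tools packages. It implements a small parser for the newc cpio format that initramfs images use, builds a constructed gzip-compressed image holding two fake dropbear host keys (the key contents and the `etc/hostname` member are made up), and reports two things a defender wants to know: whether the image file itself is readable by other users, and which sensitive members it contains together with the mode recorded on them. The list of sensitive path prefixes is an assumption of this example.

```python
"""Audit an initramfs image for leaked host keys (added example)."""
import gzip
import io
import os
import stat
import tempfile

NEWC_MAGIC = b"070701"
HEADER_LEN = 110
# Member paths that must never be readable by unprivileged users (assumed list).
SENSITIVE_PREFIXES = ("etc/dropbear/dropbear_", "etc/ssh/ssh_host_")


def _pad4(n):
    """Bytes of zero padding needed to bring n up to a multiple of 4."""
    return (4 - n % 4) % 4


def build_newc(entries):
    """Build a newc-format cpio archive from (name, mode, data) tuples.

    Used only to construct test data here; a real image comes from mkinitramfs.
    """
    out = io.BytesIO()
    for ino, (name, mode, data) in enumerate(entries + [("TRAILER!!!", 0, b"")], 1):
        raw_name = name.encode() + b"\0"
        # 13 hex fields: ino mode uid gid nlink mtime filesize devmajor
        # devminor rdevmajor rdevminor namesize check
        fields = (ino, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(raw_name), 0)
        header = NEWC_MAGIC + b"".join(b"%08x" % f for f in fields)
        out.write(header + raw_name + b"\0" * _pad4(HEADER_LEN + len(raw_name)))
        out.write(data + b"\0" * _pad4(len(data)))
    return out.getvalue()


def list_newc(blob):
    """Yield (name, mode) for every member of a newc cpio archive."""
    pos = 0
    while pos + HEADER_LEN <= len(blob):
        if blob[pos:pos + 6] != NEWC_MAGIC:
            raise ValueError("no newc header at offset %d" % pos)
        fields = [int(blob[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        mode, size, namesize = fields[1], fields[6], fields[11]
        name = blob[pos + HEADER_LEN:pos + HEADER_LEN + namesize - 1].decode()
        if name == "TRAILER!!!":
            return
        yield name, mode
        pos += HEADER_LEN + namesize
        pos += _pad4(pos)          # name is padded to a 4-byte boundary
        pos += size + _pad4(size)  # as is the file data


def audit_initrd(path):
    """Report whether the image is world-readable and which sensitive files it holds."""
    image_mode = os.stat(path).st_mode
    with gzip.open(path, "rb") as f:
        blob = f.read()
    leaked = []
    for name, member_mode in list_newc(blob):
        clean = name[2:] if name.startswith("./") else name
        if clean.startswith(SENSITIVE_PREFIXES):
            leaked.append((clean, stat.S_IMODE(member_mode)))
    return {
        "image_mode": stat.S_IMODE(image_mode),
        "world_readable": bool(image_mode & stat.S_IROTH),
        "leaked": leaked,
    }


def demo():
    """Constructed image with two 0600 dropbear keys, audited at 0644 and then 0600."""
    members = [
        ("etc/dropbear/dropbear_dss_host_key", 0o100600, b"CONSTRUCTED-DSS-KEY\n"),
        ("etc/dropbear/dropbear_rsa_host_key", 0o100600, b"CONSTRUCTED-RSA-KEY\n"),
        ("etc/hostname", 0o100644, b"pip\n"),
    ]
    fd, path = tempfile.mkstemp(suffix=".img")
    os.close(fd)
    try:
        with gzip.open(path, "wb") as f:
            f.write(build_newc(members))
        os.chmod(path, 0o644)  # world-readable image, as the report describes
        before = audit_initrd(path)
        os.chmod(path, 0o600)  # image no longer readable by other users
        after = audit_initrd(path)
    finally:
        os.unlink(path)
    return {"before": before, "after": after}


if __name__ == "__main__":
    for label, report in demo().items():
        print(label, report)
```

The report makes the point of the bug visible: the members keep their 0600 mode inside the archive, but that mode is only applied on extraction, so it protects nothing while the image itself is 0644. Tightening the image's mode is what changes the world-readable flag. On a live system, point `audit_initrd` at `/boot/initrd.img-$(uname -r)`; note that images which prepend an uncompressed early-microcode cpio segment would need the segments split before the gzip part is parsed, which this example does not handle.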
