1

Most tutorials for setting up SSH recommend generating the keypair on a client machine. Why exactly is this?

Assuming your communication lines are not compromised, and you delete the private key from the server after acquiring it, is it safe to generate the keys on a remote host?

  • 1
    When you generate an SSH key using the AWS control panel, it does exactly what you say. – paj28 Jul 29 '16 at 06:53

2 Answers2

3

Because most guides are written for people who are not experienced and it is assumed to be safer (by reducing possibilities for mistake) to prevent the private keys from being transmitted/stored outside of the client on which they were generated. ssh-keygen command also automatically sets the limited permissions to the generated private key reducing the number of steps required.

Where you generate the keys and how you distribute them depends solely on the process (in the "management process"-sense). As long as you do not the compromise security by using an insecure generator or an insecure channel, the exact place where you generate the key pair does not matter. It might as well be a third machine.

techraf
  • 9,149
  • 11
  • 44
  • 62
  • 1
    Thank you for clearing that up. For me it usually is a third machine (maybe virtual), just because it's so easy to generate keys on linux, and my desktops usually are Windows. – Amani Kilumanga Jul 29 '16 at 07:39
-1

Just guessing here, but keys depend on randomness and most servers don't have great sources of entropy. Entropy often comes from mouse movements and typing on the keyboard, things found on clients.

Swashbuckler
  • 2,155
  • 8
  • 9
  • 2
    Please don't guess. Entropy also comes from [disk and interrupt timings](http://unix.stackexchange.com/questions/172528/what-entropy-sources-are-used-by-the-linux-kernel), and servers have plenty of those. – Sjoerd Jul 29 '16 at 07:34
  • Plenty of those? Really? You might find this of interest then: https://www.blackhat.com/docs/us-15/materials/us-15-Potter-Understanding-And-Managing-Entropy-Usage.pdf "Even without doing 'crypto' there is constant pressure on the entropy pool due to OS activities" What's worse than guessing? Asserting something as true, when it's not. – Swashbuckler Jul 29 '16 at 12:53
  • 1
    @Swashbuckler And even worse is relying on self-serving treatises as actual facts. – MAP Jul 30 '16 at 02:58
  • @Swashbuckler The authors of the slides you referenced (from 29 onwards) make a mistake of likening `entropy_avail` counter with an outbound entropy pool, when it's in fact the inbound pool (see [this answer](http://security.stackexchange.com/a/127498/86652)). Their conclusions regarding the entropy consumption are thus flawed (they even seem to admit it "[results] not consistent, still doing research" and "entropy use is not well understood"). – techraf Aug 01 '16 at 06:43