FreeBSD Servers Hacked: Lessons on SSH Public Key Authentication

Tuesday, December 04, 2012

Mark Baldwin


On November 17th released an announcement that two of its servers that are used to package third-party software with its popular operating system had been compromised. This incident was detected by the FreeBSD team on November 11 2012. While the administrators of the site could not verify if any of the third-party packages had been modified, they are recommending that anyone who downloaded and installed any of their third-party packages between September 19 2012 and November 11 2012 reinstall their systems. Obviously this could be a big burden for a lot of organizations who utilize FreeBSD.

While I commend FreeBSD for the quick action they took in reporting the incident and communicating with their customers (and the community at large), I am interested in exploring the root cause of the intrusion. According to the announcement the intrusion occurred as a result of a stolen SSH key that was used by one of the developers to access their servers. For that to be true, it would also have to be true that no passphrase was installed on the private key. Assigning a passphrase to the private key would have preventing this intrusion from occurring, because the attackers would have needed the passphrase in addition to the key itself. It is similar to the need for a PIN when using an ATM or debit card. The PIN provides protection in the event that the card is lost or stolen.

Many people who regularly login to systems via SSH prefer to use the public key authentication feature of SSH so that they don't have to type in their credentials when they login. I have known many people who also argue that public key authentication is more secure than standard authentication. I have long been leery of this claim and this incident shows why. Unless a passphrase is used along with the key, then the server is at risk of compromise if the key is stolen. And adding a passphrase obviates the benefit of not having to type in credentials when using SSH to remotely login to a server. That being the case, it seems to me that the standard authentication is the better choice. No chance of having a key stolen this way.

There are situations when it is necessary to use SSH public key authentication without the use of a passphrase. Typically one does this when it is necessary for a script running on one server to login to another to perform some action (backups are a common example). In this case it is better to use SSH key authentication than to embed credentials in a script. However, it is necessary to ensure that the server that stores the private keys is highly secure. When developers and system admins use SSH key authentication, they usually install the private key on their own workstations, which in my experience, are usually the least secure systems in any organization. The FreeBSD intrusion is a perfect illustration of the dangers of relying on SSH public key authentication to bypass typing in credentials. No one likes typing in usernames and passwords, but unfortunately, this is an necessary precaution to keep your systems secure.

This article was cross posted from

Possibly Related Articles:
Information Security
FreeBSD Network Security hackers breach
Post Rating I Like this!
Douglas OLeary Hey;

I agree with your reasoning that the only way a private ssh key can be used is if the owner didn't use pass phrase. I disagree with your conclusion that sash/pka is inherently less secure. As long as its implemented correctly, sash/pka *is* more secure - two factor authentication is always better than single factor authentication. The problem is that not using a pass phrase removes the "something you know" factor.

I've written a white paper on the benefits and use of ssh/pka over other password based authentication mechanisms. That paper covers the reasons for the pass phrase requirement, how to make ssh/pka even more secure, and when it's appropriate to use null pass phrased keys.

That white paper is available at

There's another doc ther on how to appropriately set up, use, and configure ssh/pka at

Short version: like any security control, ssh/pka has to be appropriately configured to be secure.

Doug O'Leary
Mark Baldwin Hi Doug. Thanks for reading and commenting on my article. I don't think I said that sash/pka is "inherently less secure". What I said is that if the pass phrase is not used in conjectuntion with PKA (which in my experience it usually is not), then the standard password authentication IS better because there is no chance for compromise due to a lost or stolen key. I completely agree that public key authentication is superior as long as the pass phrase is used.
Marc Quibell I think FreeBSD gave out the notice as a..."precautionary measure" might be reading more into it than it's worth.
Mark Baldwin The hack did happen. Whether any code was changed is unknown. My article is more about the attack vector than impact of the breach.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.