0

I had to generate something that has a .key extension. And the instruction simply says "store it securely". How???

The answer I'm hoping to get here is, e.g., should it be a folder? With what permissions on a folder? Is there any conventional name and/or location on a disk where to keep it? Or the more random, the better? What should be the permissions on the file itself (400 I guess?)...

My question goes beyond the one about storing SSH keys in that it's more general. Actually, I have looked at my .ssh folder. I see that it's 600, will it be reasonable to store all the keys there?. But I've just read that browsers can read from that folder...

Also, I don't need a password encryption on that key (in my particular case, but I think it would be nice to know as option b) as well.)

It's a very basic question but I did spend some time searching the Internet but most of the answers refer to some special cases when keys are being store in the code or require third party encryption or what not. I'm looking for a kinda basic best practice guidelines.

alisa
  • 101
  • 1
  • 1
    However you store it, store it in a least three distinct locations. One you can get to quickly, the second you can scavenge if the first fails & the third for if the house burns down. e.g. USB key; in-house backup; off-site backup. – Tetsujin Jun 14 '17 at 18:23
  • 1
    @Tetsujin Thanks for the answer. However, "securely" in the sense me not losing it goes beyond this question. I'm still wondering more about what would be considered "secure" in a reasonably secure environment (within a closed private network, say) so no third-party software is needed... I guess a sub-question might be: is the `./.ssh` folder secure and what is it used for.. besides connecting to git?))) – alisa Jun 16 '17 at 15:14

2 Answers2

2

What counts as "secure enough" depends on your threat model - what you're protecting, who your attackers are, and your exposure.

If you're guarding a key to your high-score lists on a stand-alone machine to which no-one else has access, a world-readable file may be "secure enough".

If you're guarding an SSH key to a server farm on a student computing server, then you might want to keep it encrypted on a removable device which is only ever connected briefly when needed.

Most use cases fall somewhere in between (some fall outside, particularly in military contexts).

Toby Speight
  • 4,866
  • 1
  • 26
  • 36
  • 2
    Of course, if you keep the only copy on a USB key, expect to lose access within months if not weeks... when the key fails. – Tetsujin Jun 14 '17 at 18:20
  • @Toby Speight Thanks! I definitely didn't expect that the answer may vary so widely depending on the situation. So it's definitely not a "military-secure" level, it's somewhere within a pretty secure environment... As I wrote in the above comment to Tetsujin, I'm still wondering more about what would be considered "secure" in a reasonably secure environment (within a closed private network, say) so no third-party software is needed – alisa Jun 16 '17 at 15:16
0

Buy a HSM, Yubikey or smart card. This is the most secure way how to store it, because even evil application can not red the private key material. Everything what is stored on the filesystem (even with 600 permissions) can be read by the evil root users. If it is encrypted on filesystem, you need to decrypt it for usage and again store it in the memory, which can be again accessed by evil root user.

Jakuje
  • 10,032
  • 5
  • 33
  • 34