How bad is it to have multiple devices with the same SSH server keys?

ssh freebsd embedded internet-of-things

Rather than storing host-specific data such as ssh host keys on the SD card or other read-only media, you can store this in NVRAM, which is what it's for on an embedded system. You'll need to do some custom scripting to store and retrieve the keys at boot time, but the scripts will be exactly the same for every device.


The impact of shipping the same key pair with all your devices is directly related to the security of the clients connecting to them, as it means that there is no way (from an SSH client) to uniquely identify the device it may be connecting to. Should your key pair be leaked, it could be used for MITM attacks.

On the other hand, regenerating the keys on each boot, will also trigger an alert on the clients.

For reference, from man ssh(1):

ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/.ssh/known_hosts in the user's home directory. Additionally, the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any new hosts are automatically added to the user's file. If a host's identification ever changes, ssh warns about this and disables password authentication to prevent server spoofing or man-in-the-middle attacks, which could otherwise be used to circumvent the encryption. The StrictHostKeyChecking option can be used to control logins to machines whose host key is not known or has changed.


It sounds like in the first option, the SSH keys would be available on the SD card. So any user could take the card and read them out. So basically your private keys have become (mostly) public.

This will allow man-in-the-middle attacks, like the following:

  1. A user sets up a SSH server with the private keys obtained from your device and gives that IP address to your technician.
  2. Your technician inputs the root password over the SSH connection.
  3. The user now knows the root password that is valid for all your devices.

However, you shouldn't be using root passwords in the first place, use ssh keys for authentication instead. Then the impact of shared server keys is pretty small if you only log on from a LAN.

SSH also provides forward secrecy, so an attacker has to be able to setup a false server to benefit from the keys; passively sniffing the traffic will not allow decrypting it.

Related

console-kit-daemon - can it be stopped?
How to prepare computers for donation
Adding file to /etc/cron.d doesn't make it run (ubuntu 10.04)
What are the benefits of "enterprise-level" virtualization?
Is an IPv6-only MTA possible yet?
How to change the default Storage Pool from libvirt?
Putting RSA keys into azure key vault
How do I easily repair a single unreadable block on a Linux disk?
Does it make sense to use Windows Active Directory in a small group of say less than six users/ computers?
do you track your notes/references? [closed]
Use .bashrc without breaking sftp
How to reverse proxy to different places depending on subdomain in Nginx?