=== arif-ali- is now known as arif-ali
[22:13] This could become a CVE; extraction of shielded private keys from ssh-agent. https://security.humanativaspa.it/openssh-ssh-agent-shielded-private-key-extraction-x86_64-linux/
[22:13] proof of concept on 20.04
[22:25] lovely thing to find on a Friday afternoon
[22:25] thanks TJ- :)
[22:25] sorry to be the bearer of bad tidings!
[22:26] easy to solve though ... just add another layer of encryption around the plain struct :P
[22:28] amazes me that someone designing the original shielding couldn't see this coming. If I were designing that, I'd at the least ensure there was nothing predictable (thus searchable) in the struct. For the block size the obvious solution is to make the size the result of multiplying 2 randomly chosen numbers
[22:28] block size -> key size
[22:29] making the key a random size would help too
[22:34] Bug #1937883
[22:34] Bug 1937883 in openssh (Ubuntu) "ssh-agent Shielded Private Key Extraction" [Undecided, New] https://launchpad.net/bugs/1937883
[22:50] the person designing (?) the original shielding apparently considered it a temporary solution - "Hopefully we can remove this in a few years time when computer architecture has become less unsafe."
[22:50] *giggle*
[22:51] hehehe yeah ... if this was a novel the script would have been rejected as unbelievable!