On 20/3/24 19:03, Michael Kjörling wrote:
On 20 Mar 2024 15:46 +0800, fromjeremy.ard...@gmail.com (jeremy ardley):
Regarding certificates, I issue VPN certificates to be installed on each
remote device. I don't use public key.
What exactly is this "certificate" that you speak of? In typical
usage, it means a public key plus some surrounding metadata, but you
say that you "don't use public key".
Each client is issued with a private key unique to the access point.
When I say I don't use public key I mean I don't use certificates issued
from public key authorities such as comodo
For ssh use I issue secret keys to each user and maintain matching public
keys in LDAP servers. SSHD servers can get the public keys in real time by
using the AuthorizedKeysCommand. If a secret key is compromised I simply
remove the matching public key.
[users are locked out from uploading their public key using ssh-copy-id]
So the private keys aren't private, thereby invalidating a lot of
assumptions inherent in public key cryptography.
Also, are you saying that you do not let users rotate their keys
themselves; and if so, why on Earth not?
Private keys aren't private in any corporate network. Security
management would be impossible to manage if users could generate their
own keys and install them on any server. For one thing users do not have
any easy way to revoke certificates.
In any serious network, private keys are simply a name for a secret key
issued by an administrator to a user. Matching public keys are often
published and are maintained by the administrator. Both keys are owned
by the administrators.
If you are in full control of your network and resources, sure, go ahead
and rotate your keys. But if you are in a network run by others you have
to accept their control of keys and access to resources.
