Nitrokey PRO2 and OpenSSH sshD server side private keys

Hello,

Please let me know:

  1. Are there any differences between Nitrokey PRO2 purchased in 2018 and the latest ones manufactured in 2020? Any bugs fixed in 2020 pieces? Any hardware changes done?

Do you update OpenPGP card version? For example latest Yubikeys 5C are at the level of PGP Card v 3.4

  1. What is the longest RSA key size which can be used in Nitrokey PRO2 purchased in 2018?
    Is it RSA 4096? By which methods can it be used in OpenSSH to communicate with Nitrokey?
    Via OpenSC/PKCS11/PGPagent ?

  2. Which interfaces are supported by Nitrokey PRO2? Any of following:
    ISO 7816-12
    USB CCID
    PC/SC
    MS CryptoAPI
    MS SmartCardAPI
    PKCS#11

supported?

  1. Can all methods of connecting to NitrokeyPRO2 on a client side of SSH
    be used on server side too to access server private keys?
    For example: PGP agent, PKCS11, OpenSC - all of them work on server side too?

With a FIDO token ecdsa-sk can be used on the server side too?

Hi @sanyo!

Good point. We do not have summary of changes between the model revisions AFAIK. cc @jan

Some of the questions should be answered by looking at Nitrokey Pro’s fact sheet:

  1. Hardware side OpenPGP card is now versioned 3.3. Firmware side it should be possible now with the latest batches to update the firmware without hardware means (like debugger).
  2. a) Both 4096 AFAIK. b) It should work out-of-the-box - please take a look at our documentation at Support menu (top right corner), e.g.:
  1. Most of the mentioned are I believe.
  2. Do you mean SSH Agent forwarding to use local keys by the server connected through SSH? Yes, its possible.
  3. Do you mean OpenSSH session with FIDO2? Yes, it should be possible to be forwarded similarly.

How can I specify server side sshD to get its server private key like ecdsa-sk from a hardware FIDO2 token instead of /etc/ssh/ssh_host_ecdsa_key
? FIDO2 hardware token would be connected to the server like a HSM (instead of HSM).

Can sshD use several keys at once (all of them would be required to pass) to authenticate the server in a single SSH session?

With a client it is possible to specify several keys by the following option (example for 4 different client keys used simultaneously to authenticate a client):

AuthenicationMethods=publickey,publickey,publickey,publickey

Can a server be authenticated in a similar hardened way to prevent MITM possibility?

Is not it harder to extract and steal several private keys from different device types on the server?
For example 4 keys could be used together: NK PRO2/HSM2, Feitian K9B, Yubikey 5, Postquantum key in a file on a microSD card in a SoC board running sshD which is being authenticated.

Another question: is RSA4096 available from NK PRO2/HSM2 only via pgp-agent or via opensc-pkcs11 too?

If only via PGP then how to specify sshD server to get a server key from PGP?

I mean how to configure a server sshD to keep its private keys in a PGP (NK PRO2/HSM2 actually) or FIDO2 instead of /etc/ssh/host_key_xxx
? It is also related to known_hosts instead of authorized_keys, btw.

Please look at example of configuring Yubikey to store sshD server private keys via PKCS11:

http://www.freezepage.com/1594684827NBCKEBVUJK

http://www.freezepage.com/1594650360FUTJKRHYFN

Does it work in the same way for Nitrokey PRO2/HSM2 ?

Not sure if following article is about server keys too:
https://blog.josefsson.org/2015/06/16/ssh-host-certificates-with-yubikey-neo/

What about FIDO2 ecdsa-sk and pgp-agent methods? Can they work for server keys too?

According to:
https://man7.org/linux/man-pages/man5/sshd_config.5.html

HostKey
It is possible to have multiple host key files. It is also
possible to specify public host key files instead. In this
case operations on the private key will be delegated to an
ssh-agent(1).

Then may be a public key for the ecdsa-sk can be just specified in the HostKey to employ the FIDO2 hardware for the task of server host authentication?

According to:
https://www.openssh.com/txt/release-8.2
It actually looks like public keys of ecdsa-sk type can be specified in the HostKey option, I am still not sure about gpg-agent especially for Yubikey since it does not support RSA4096 directly via PKCS11 piv.

Is it possible to tell sshD to require all specified multiple HostKey be authenticated even for a single SSH session? So that I could install a few hardware keys like Nitrokey PRO2, Yubikey 5C and FIDO2 all connected to the server host and all of them would be required to participate in authentication of the host by a client side to avoid server side MITM attack.

OpenSC access is possible. Please take a look at our documentation:

You need to confront that with OpenSSH documentation. I am not aware of multiple-key authentication being possible there. You might need to have a custom patch done to handle such configuration.

As long as the server handles the OpenSSL and engines, perhaps it can run the TLS sessions from the device too, so you could be authenticated and encrypted on each https connection.

I see your idea - this way you could protect yourself from potential hardware/firmware backdoors. At some point though it makes it worse, because complicated solution is hard to maintain, and gets diminishing returns at each step further. You need to keep in mind other attacks too, which could be easier to make than attacking “crypto-bastion” (infrastructure like the SoC mentioned, OS updates chain, etc.).

Please take a look at OpenSSH documentation. I believe the OpenSSL configuration could be changed to use pkcs11 engine there, which would allow to use any crypto-device supporting this protocol.
Just seen the linked articles - this is the idea exactly.

You need to ask OpenSSH devs about that. I’ve only heard about single key authentication.