
Perspectives provides out-of-band verification for SSH

Perspectives offers more than the Firefox extension for TLS/SSL validation. It also provides a way of checking the host key outside of the network communication you are trying to verify to further protect the security of the connection.

Following up on my last post -- "Is Firefox + Perspectives the most secure browser for TLS/SSL encryption?" -- you may have read about the value of Perspectives for TLS/SSL validation; however, there is a lot more to Perspectives than a Firefox extension.

The SSH protocol is one of the most widely used, and most useful, secure remote access tools available. In normal use for remote access, once you have established contact with a remote server for the first time, a host key for the server is stored in ~/.ssh/known_hosts so that you'll be aware if a later man-in-the-middle attack is in progress when you try to connect to the same server again.

Of course, this doesn't say anything about whether there is a man-in-the-middle attack in progress the very first time you contact that server. You may, in fact, end up with the host key for a malicious security cracker's server stored if you just trust the first host key that comes along. This is why "out of band" host key verification -- some means of verifying the host key outside of the network communication you are trying to verify -- is so important.

Certifying Authorities provide out-of-band verification for TLS/SSL certificates, but only for those hosts whose certificates are registered with the CA, often at great expense. The Perspectives extension for Firefox provides a different type of out-of-band verification that does not require registration. There is more to Perspectives than the Firefox extension, though.

As the Perspectives homepage puts it:

Perspectives is a new approach to help clients securely identify Internet servers in order to avoid "man-in-the-middle" attacks. Perspectives is simple and cheap compared to existing approaches because it automatically builds a robust database of network identities using lightweight network probing by "network notaries" located in multiple vantage points across the Internet.

This approach works as well for SSH host key verification as it does for TLS/SSL certificate verification. In addition to the Firefox extension, the Perspectives team at CMU also offers a Perspectives-enabled OpenSSH client for Linux and Mac OS X systems. While the Firefox extension has been ported to other systems (including MS Windows and FreeBSD), the OpenSSH client has not yet, though the source code is available under the same copyfree license as the original OpenSSH client. Given time, it too may be ported to other operating systems.
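To make the two checks described above concrete, here is an added Python example (my own illustration, not code from Perspectives or from the CMU OpenSSH client) of what a first-contact decision looks like when a cached known_hosts entry is combined with out-of-band notary observations. It computes OpenSSH-style SHA256 fingerprints from key blobs, parses plain known_hosts lines, and accepts a never-before-seen host key only when a quorum of independent vantage points report the same key. The host names, the 32-byte key values and the three notary reports are all constructed sample data; the quorum rule is an assumption for illustration, not the exact policy the real Perspectives client applies.

```python
import base64
import hashlib
import struct
from collections import Counter


def _ssh_string(data: bytes) -> bytes:
    # SSH wire "string": 4-byte big-endian length followed by the bytes (RFC 4251)
    return struct.pack(">I", len(data)) + data


def ed25519_key_blob(raw_pubkey: bytes) -> bytes:
    # OpenSSH public-key blob for ssh-ed25519: string "ssh-ed25519", string <32 key bytes>
    if len(raw_pubkey) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    return _ssh_string(b"ssh-ed25519") + _ssh_string(raw_pubkey)


def openssh_fingerprint(blob: bytes) -> str:
    # Same format as `ssh-keygen -l` and the "fingerprint is SHA256:..." prompt:
    # SHA-256 over the key blob, base64 with the trailing '=' padding removed
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def parse_known_hosts(text: str) -> dict:
    """Map each hostname in a known_hosts file to the fingerprint stored for it.

    Handles plain (unhashed) entries of the form: hosts keytype base64 [comment].
    """
    stored = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        hosts, keytype, b64 = fields[0], fields[1], fields[2]
        blob = base64.b64decode(b64)
        # The blob starts with its own key-type string; it must match the declared type
        (type_len,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + type_len] != keytype.encode("ascii"):
            raise ValueError("key type mismatch in entry for %s" % hosts)
        for host in hosts.split(","):
            stored[host] = openssh_fingerprint(blob)
    return stored


def notary_verdict(offered_fp: str, observations, quorum: int) -> str:
    """Decide whether to trust a first-contact host key from out-of-band observations.

    observations: list of (notary_name, fingerprint) pairs reported by independent
    vantage points. Accept only if at least `quorum` of them saw the same key this
    client is being offered; if they all saw a different key, the key on our path
    is suspect; with too little data, fall back to manual verification.
    """
    counts = Counter(fp for _, fp in observations)
    agreeing = counts.get(offered_fp, 0)
    if agreeing >= quorum:
        return "accept"
    if observations and agreeing == 0:
        return "reject"
    return "unknown"


def check_host(host: str, offered_blob: bytes, known_hosts_text: str,
               observations, quorum: int = 2) -> str:
    """Combine the known_hosts check with the notary check for a first contact."""
    offered_fp = openssh_fingerprint(offered_blob)
    stored = parse_known_hosts(known_hosts_text)
    if host in stored:
        # Later connections: the cached key settles it, as OpenSSH itself does
        return "known" if stored[host] == offered_fp else "changed"
    # First contact: nothing cached, so consult the out-of-band observations
    return notary_verdict(offered_fp, observations, quorum)


# --- Constructed sample data (not real hosts or keys) ---
GENUINE_KEY = ed25519_key_blob(bytes(range(32)))
IMPOSTOR_KEY = ed25519_key_blob(bytes(range(32, 64)))
GENUINE_FP = openssh_fingerprint(GENUINE_KEY)

# A known_hosts file that already holds the genuine key for one host only
SAMPLE_KNOWN_HOSTS = "# constructed sample\n" \
    "cached.example.test ssh-ed25519 %s\n" % base64.b64encode(GENUINE_KEY).decode("ascii")

# Three notaries that have each probed new.example.test and seen the genuine key
SAMPLE_OBSERVATIONS = [
    ("notary-a", GENUINE_FP),
    ("notary-b", GENUINE_FP),
    ("notary-c", GENUINE_FP),
]

if __name__ == "__main__":
    for label, host, key in [
        ("cached host, same key", "cached.example.test", GENUINE_KEY),
        ("cached host, new key", "cached.example.test", IMPOSTOR_KEY),
        ("first contact, genuine", "new.example.test", GENUINE_KEY),
        ("first contact, impostor", "new.example.test", IMPOSTOR_KEY),
    ]:
        print("%-24s %s" % (label + ":", check_host(host, key, SAMPLE_KNOWN_HOSTS, SAMPLE_OBSERVATIONS)))
```

The "changed" verdict corresponds to the known_hosts warning the post describes for later connections; the "reject" verdict is the case the post says plain known_hosts cannot catch, a first contact where every independent vantage point sees a different key than the one offered on your path.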

Some of us never need to use SSH to reach a machine whose host key we cannot verify ourselves. For those who do, though, the CMU client with Perspectives verification built in can help ensure the security of the connection against man-in-the-middle attacks.

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

5 comments
dgacmu

Hi, Chad - thanks for the note about our SSH support. We haven't been as aggressive in keeping the SSH version up to date as we have about the FireFox version. If you or others are actively using the SSH extension, we'd like to hear from you -- our current version is based on 5.1p, and the current version of SSH is now up to 5.3. If there's demand, we'll port the Perspectives support forward. -Dave Andersen

jmgarvin

That is a great idea and I have to say I'm surprised this isn't HUGE....

Michael Kassner

I did not know this about Perspectives. Thank you. I seldom use SSH, is that the norm or just me?

Neon Samurai

I think it would become better known if they could get it into the Firefox plugin repository rather than an independent download and manual install. I was disappointed to not find it in one central location with the majority of other plugins. I also think it's going to be a standard part of my installs now too though.

apotheon

Those who primarily use MS Windows tend to use SSH very very little, if at all. That's kind of a shame, considering the convenience and security benefits of a good SSH server/client suite. There's kind of a chicken and egg problem on MS Windows, though, in that it's difficult to get the full convenience of a good SSH server/client suite on MS Windows, and as long as there isn't a lot of demand for it nobody's likely to put in the time to make it much easier than its current state of clunky difficulty. As long as it's plagued by clunky difficulty, there's not likely to be widespread interest. Those of us who use Unix-like systems a whole lot tend to use the hell out of OpenSSH and, on the rare occasion that we let ourselves get cornered into having to use MS Windows for anything serious, we tend to use tools like PuTTY and WinSCP so that we can at least interact to some limited extent with systems that do have good SSH client/server suites installed, but that's not really the same as having OpenSSH installed as a native application with all the convenience and stay-out-of-my-way functionality that is the norm.
