In my last post, "Is Firefox + Perspectives the most secure browser for TLS/SSL encryption?", I described the value of Perspectives for TLS/SSL validation. The Firefox extension, though, is only one use of the underlying idea.
The SSH protocol is one of the most widely used, and most useful, secure remote access tools available. In normal use, once you have connected to a remote server for the first time, that server's host key is stored in ~/.ssh/known_hosts. On every later connection to the same server, the client compares the key the server presents with the stored one, so you will be warned (and, by default, the connection refused) if a man-in-the-middle attack is in progress.
Of course, this says nothing about whether a man-in-the-middle attack is in progress the very first time you contact that server. All the client can do then is show you the new key's fingerprint and ask whether to trust it; if you simply accept the first host key that comes along, you may end up with the host key of a malicious security cracker's server stored in known_hosts, and every later connection will look "verified." This is why "out of band" host key verification, some means of checking the host key outside of the network communication you are trying to verify (for example, comparing the fingerprint against one the administrator gave you in person), is so important.
Certificate Authorities (CAs) provide out of band verification for TLS/SSL certificates, but only for those hosts whose certificates are registered with the CA, often at great expense. The Perspectives extension for Firefox provides a different type of out of band verification that does not require registration. There is more to Perspectives than the Firefox extension, though.
As the Perspectives homepage puts it:
Perspectives is a new approach to help clients securely identify Internet servers in order to avoid “man-in-the-middle” attacks. Perspectives is simple and cheap compared to existing approaches because it automatically builds a robust database of network identities using lightweight network probing by “network notaries” located in multiple vantage points across the Internet.
This approach works as well for SSH host key verification as it does for TLS/SSL certificate verification. In addition to the Firefox extension, the Perspectives team at CMU also offers a Perspectives-enabled OpenSSH client for Linux and Mac OS X systems. While the Firefox extension has been ported to other systems (including MS Windows and FreeBSD), the OpenSSH client has not yet been ported, though its source code is available under the same copyfree license as the original OpenSSH client. Given time, it too may be ported to other operating systems.
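To make the two checks described above concrete, here is a small added example (my own illustration, not code from the Perspectives project or from OpenSSH): it parses constructed known_hosts entries, including the hashed form OpenSSH writes when HashKnownHosts is on, makes the same "new / match / mismatch" decision the client makes at connect time, computes the SHA256 fingerprint in the format ssh-keygen -lf prints, and then applies a deliberately simplified notary quorum rule to a first-contact key. The notary rule and its 75% threshold are an assumption standing in for the real Perspectives policy, and the keys are deterministic stand-in bytes, not real Ed25519 keys.

```python
import base64
import hashlib
import hmac
import struct
from typing import Dict, Optional


def encode_openssh_key(key_type: str, raw_key: bytes) -> str:
    """Base64 of an OpenSSH public-key blob: length-prefixed type string, then key bytes."""
    blob = (struct.pack(">I", len(key_type)) + key_type.encode("ascii")
            + struct.pack(">I", len(raw_key)) + raw_key)
    return base64.b64encode(blob).decode("ascii")


def fingerprint(b64_key: str) -> str:
    """SHA256 fingerprint as `ssh-keygen -lf` prints it: unpadded base64 of the blob's digest."""
    digest = hashlib.sha256(base64.b64decode(b64_key)).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def hashed_host_entry(hostname: str, salt: bytes) -> str:
    """Host field in HashKnownHosts form: |1|base64(salt)|base64(HMAC-SHA1(salt, hostname))."""
    mac = hmac.new(salt, hostname.encode("utf-8"), "sha1").digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode("ascii"),
                         base64.b64encode(mac).decode("ascii"))


def host_matches(host_field: str, hostname: str) -> bool:
    """Match a known_hosts host field, either plain (comma-separated names) or hashed."""
    if host_field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = host_field.split("|", 3)
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(mac_b64)
        actual = hmac.new(salt, hostname.encode("utf-8"), "sha1").digest()
        return hmac.compare_digest(actual, expected)
    return hostname in host_field.split(",")


def lookup_known_host(known_hosts: str, hostname: str, key_type: str) -> Optional[str]:
    """Return the stored base64 key for (hostname, key_type), or None if never seen."""
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        if fields[1] == key_type and host_matches(fields[0], hostname):
            return fields[2]
    return None


def check_host_key(known_hosts: str, hostname: str, key_type: str, presented_b64: str) -> str:
    """The trust-on-first-use decision the client makes: 'new', 'match' or 'mismatch'."""
    stored = lookup_known_host(known_hosts, hostname, key_type)
    if stored is None:
        return "new"            # first contact: nothing to compare against, verify out of band
    if stored == presented_b64:
        return "match"
    return "mismatch"           # stored key differs: possible man-in-the-middle, refuse


def notary_quorum_ok(observations: Dict[str, str], presented_fp: str, quorum: float = 0.75) -> bool:
    """Simplified notary policy (an assumption, not the real Perspectives protocol): on first
    contact, accept the key only if at least `quorum` of the notaries saw the same fingerprint
    from their own vantage points. A local MITM cannot change what remote notaries observe."""
    if not observations:
        return False
    agreeing = sum(1 for fp in observations.values() if fp == presented_fp)
    return agreeing / len(observations) >= quorum


# Constructed sample data (not real keys): 32 deterministic bytes stand in for Ed25519 keys.
GENUINE_KEY = encode_openssh_key("ssh-ed25519", bytes(range(32)))
ROGUE_KEY = encode_openssh_key("ssh-ed25519", bytes(range(32, 64)))
SALT = b"0123456789abcdef0123"   # 20-byte salt, the size OpenSSH uses for hashed entries

KNOWN_HOSTS = "\n".join([
    "# constructed ~/.ssh/known_hosts for the example",
    "bastion.example.net,203.0.113.10 ssh-ed25519 " + GENUINE_KEY,
    hashed_host_entry("hidden.example.net", SALT) + " ssh-ed25519 " + GENUINE_KEY,
])

if __name__ == "__main__":
    print(check_host_key(KNOWN_HOSTS, "bastion.example.net", "ssh-ed25519", GENUINE_KEY))
    print(check_host_key(KNOWN_HOSTS, "hidden.example.net", "ssh-ed25519", ROGUE_KEY))
    print(check_host_key(KNOWN_HOSTS, "new.example.net", "ssh-ed25519", ROGUE_KEY))
    # First contact with new.example.net: ask the (constructed) notaries what they saw.
    seen_by_notaries = {"notary-a": fingerprint(GENUINE_KEY), "notary-b": fingerprint(GENUINE_KEY),
                        "notary-c": fingerprint(GENUINE_KEY), "notary-d": fingerprint(ROGUE_KEY)}
    print(notary_quorum_ok(seen_by_notaries, fingerprint(ROGUE_KEY)))   # attacker's key: rejected
    print(notary_quorum_ok(seen_by_notaries, fingerprint(GENUINE_KEY)))  # genuine key: accepted
```

The "new" branch is the whole point of the post: the plain client can only print the fingerprint and ask, and the quorum function shows the shape of what Perspectives adds in its place. Note that hashed entries are matched by HMAC, so you cannot grep known_hosts for a hostname once HashKnownHosts is enabled; use `ssh-keygen -F hostname` instead.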
Some of us only ever SSH into machines whose host keys we can verify ourselves, and never need anything more. For those who do connect to servers they cannot verify out of band, though, the CMU client with Perspectives verification built in can help protect the connection against man-in-the-middle attacks, including on that critical first contact.