Wednesday, June 18, 2014

Host-based authentication

Host-based authentication is pretty well "documented" everywhere.
I suspect this is a clear indication that many are actively using it.
It could be thought as an evolution of the legacy RSH.
But I consider it also a legacy to be avoided.

Security is more important as the world is proportionally more dangerous.
And there are security considerations with host-based authentication:
 
  • If the trusted host is compromised, so is everything relying on it;
    (security is hardly perfect, so it's better to layer and segment)
     
  • More SSH code (client and server) is exposed to attack;
    (everybody should know more about bugs and backdoors)
     
  • Client SSH code is made setuid usually to root;
    (when all strive to get rid of root this in the wrong way)
     
  • Can allow root or anybody to log in; 
    (but who they really are?)
     
  • Complex and error-prone setup.
    (must I stress how troublesome is this?)
 
Thus, keep using host-based authentication, specially because of a lazy sysadmins saying so, isn't really reasonable for any serious businesses conscious about security as well.