Types of Encryption 299 Decrypting Files To use GnuPG to decrypt files you have received, use the following command: gpg output file.doc decrypt file.gpg where file.doc is the resulting file name you want and file.gpg is the encrypted file. You must have the private key for the user it was encrypted for on your secret ring. This prompts you for the pass-phrase, and once you have entered it correctly, GnuPG produces the decrypted file. Signing Files As mentioned earlier, another use of GnuPG and PGP is signing documents to verify their integrity. You can do this by issuing the following command: gpg output signed.doc sign unsigned.doc Replace signed.doc with the resulting output filename you want and unsigned.doc with the file you want signed. This command signs and encrypts the doc- ument and produces the output file signed.doc. When it is decrypted, GnuPG will also ver- ify the document. You can verify a file with the following command: gpg verify signed.doc where signed.doc is the encrypted file you want to verify. You can also create signatures separate from the file if you want users without GnuPG to be able to access them but still want to include the signature. There are two commands for this. The command gpg clearsign file.doc creates a text addendum to the file with the signature. If you don’t want to alter the file, you can create a separate signature file with the command gpg output sig.doc detached-sig file.doc The PGP/GnuPG Web of Trust Model As mentioned earlier, rather than use a hieratical trust system like digital certificates and their central certificate authority, PGP and GnuPG use a web of trust model. By signing the keys of people you know, you can verify that their key is worthy of trust. And if they sign other people’s keys who you don’t know directly, you create a chain of trust. The model is based on the idea of “any friend of yours is a friend of mine.” Granted this model doesn’t work perfectly; someone far down the trust chain could turn out to be a bad apple and get away with stuff for a while. But the idea behind this system is that it spreads organically and doesn’t require any infrastructure. Because of this, it can’t be dismantled or co-opted on a large scale easily. The way you establish this web of trust is by signing people’s keys and having them sign yours. In the example in Figure 9.7, Tony can implic- itly trust Jane, Joe, John, and Eve’s keys even though he doesn’t know them directly. Howlett_CH09.fm Page 299 Thursday, June 24, 2004 11:12 PM 300 Chapter 9 • Encryption Tools Signing Keys and Managing Your Key Trusts In GnuPG you sign keys and manage your key trusts by going into key edit mode with the following command: gpg edit-key friend@example.org where friend@example.org matches the e-mail address of the key you want to sign or manage and must be one of the keys on your public ring. It prints out basic information on the key. Within this mode, type fpr to print the fingerprint of that key. Just like humans, the key fingerprint is a specific identifier of that key. Make sure that this is the person’s key by comparing it with him or her either on the phone or by some other manner. You can also check to see who else has signed this key by typing check . This prints a list of other signers of this key and may help you decide the validity of the key. When you are sure that this is the person’s key, type sign. This signs that person’s key so that anyone looking at it knows that you trust him or her. In this mode you can also edit the trust levels of the different keys in your ring. Enter this mode from within key edit mode by typing trust . This displays the following menu. 1 = Don’t know 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully Figure 9.7 Web of Trust Model Web of Trust Model Trusts Trusts Trusts Trusts Trusts Trusts Trusts Trusts Trusts Trusts Sally Mike To ny Dan Steve Eve Jane Joe John Trusts Howlett_CH09.fm Page 300 Thursday, June 24, 2004 11:12 PM Types of Encryption 301 s = Please show me more information m = Back to the main menu Pick one of the items and that key will be marked as such by you. This is another way you can communicate to yourself and others about which users have your highest level of trust and which ones you barely know. This should give you a good introduction to the world of PGP and GnuPG. Again, this chapter is not intended to be the conclusive source on these, and you should refer to their respective Web sites and the other listed sources to read further on these revolutionary programs. PGP and GnuPG are great for encrypting files. However, what if you want to encrypt all communications between two points? PGP is not really viable for this function (the newly included VPN client with the commercial version not withstanding). An open source tool for creating these standing connections where everything is encrypted on the fly is discussed next. OpenSSH: A Free Suite of Session Encryption Tools OpenSSH (Server) Author/primary contact: Tatu Ylönen (original author) and others Web site: www.openssh.org Platforms: BSD, Linux, and most UNIX License: BSD Version reviewed: 2.1.1p4 Mailing lists: Announcement list A read-only list that contains general announcements of new version releases, bug fixes, and so on. Subscribe at www.mindrot.org/mailman/listinfo/openssh-unix-announce. General SSH users list Questions and general discussion on SSH usage. Subscribe by sending an empty message to secureshell-subscribe@securityfocus.com. To unsubscribe to the list, send an empty message to secureshell-unsubscribe@securityfocus.com. There is also an archive of this list at http://marc.theaimsgroup.com/?l=secure-shell&r=1&w=2. Developers list Discussions on SSH development and coding. Subscribe at www.mindrot.org/mailman/listinfo/openssh-unix-dev. Howlett_CH09.fm Page 301 Thursday, June 24, 2004 11:12 PM 302 Chapter 9 • Encryption Tools Most of the file and communication utilities used on the Internet today hark back to the days when the Internet was a small and safe place. One of the most common tools used, other than a Web browser, is Telnet. This utility is used for remote terminal access to all types of servers, routers, firewalls, and other devices. The big downside of Telnet is that it sends its transmissions in the clear, so if you are using Telnet to log into a system over the Internet, someone could capture your traffic, including your passwords. You may think finding your password in the stream of data would be like finding a needle in a haystack, but hackers have written programs that run on top of sniffers to search for common login terms and catalog the results. This is also true of other remote tools such as FTP, TFTP, and RCP. SSH fixes this problem by using both public key and symmetric cryptography to encrypt your session starting from the first keystroke. This way, all anyone listening to your connection gets is random noise. SSH not only provides confidentiality for your data by using encryption, but it also provides strong authentication that foils spoofing and other identity-type attacks. It does this by using digital certificates to authenticate users. Don’t confuse SSH with SSL, the Web encryption standard. Though they both do the same thing, SSH works with any protocol, whereas SSL is primarily designed for Web communications. SSH also includes SCP, which is a secure replacement for RCP, the remote copying tool, and SFTP, a secure replacement for FTP. SSH can also be used to tunnel other proto- cols, such as HTTP and SMTP, between machines. Several applications are discussed at the end of this section. Using this suite of programs instead of their older counterparts ensures that your remote communications to servers aren’t being read. Eliminating the use Telnet and FTP on your network may be difficult, but the more you do it, the more secure you will be. In order to use SSH, you must have a SSH server running on the machine you want to connect to and a SSH client on the machine you are connecting to. Regular FTP and Telnet clients won’t connect to a SSH server. The client is built into most current Linux operating systems, although you may have to select this option when installing your OS. (See Chap- ter 2 for information on the SSH client.) The SSH server is usually optional and you have to select it when you install your OS. To determine if it is already installed, type ps and see if the sshd process is running. If not, you will have to install the server to allow con- nections to your machine via SSH. Installing and Starting the OpenSSH Server 1. First, download and unzip the package from the Web site or the book’s CD-ROM. 2. Issue the usual Linux compile commands: /.configure make make install Howlett_CH09.fm Page 302 Thursday, June 24, 2004 11:12 PM Types of Encryption 303 This builds and installs the SSH programs. The binaries and associated libraries will be located in /usr/local/bin (on the Mandrake Linux system, other distributions may vary). The system daemons are found in /usr/local/sbin, and the config files are in /usr/local/etc/ssh or /etc/ssh, depending on your install. You can choose an alternative install path by using prefix= filepath where filepath is replaced with your desired alternate location. 3. Once OpenSSH is installed, check the configuration file located in /etc/ssh to make sure it matches your system parameters. The configuration file for the server piece is sshd_config. You can use a text editor such as vi or EMACS to make your changes. A few items to check are: • Port: The port that SSH listens to for incoming connections. This defaults to 22. If you change this, people attempting to connect to you will have to manually change the port number on their SSH clients. • Protocols: This tells the server what SSH protocols to accept. The default is to accept both SSH1 and SSH2 type connections. For slightly better security, you could change this to accept only SSH2, but this will keep some older clients from connecting. • Hostkey: This gives the location of the keys used to generate key-based authenti- cation of a user when connecting to a separate machine. These are not the same as the server keys that are generated on install. 4. Before you can use the SSH server, you must generate its various keys. You do this by typing the following command: ssh make-host-key You will get something like the following response. Generating public/private rsa key pair. Enter file in which to save the key (/home/me/.ssh/ id_rsa): Created directory '/home/me/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/me/.ssh/id_rsa. Your public key has been saved in /home/me/.ssh/id_rsa.pub. The key fingerprint is :f6:41:99:d8:a5:d1:fb:e7:93:86:7e:e6:4f:01:d9:5b Howlett_CH09.fm Page 303 Thursday, June 24, 2004 11:12 PM 304 Chapter 9 • Encryption Tools The fingerprint provides a unique identifier for your server’s keys. 5. You can now start the SSH server at the command line by typing sshd & . This runs sshd, the server daemon, in the background and listens continuously for connections. If you want to run sshd automatically when you reboot (which is pref- erable), place that line at the end of the rc.local file in your /etc/rc.d/ directory (on Mandrake Linux, or in the corresponding start-up file for your distribution). Remember, to connect to your server via SSH you need to be running a compatible version of the SSH on the client end. Instructions on the installation and use of the SSH client are in Chapter 2. Port Forwarding with OpenSSH While SSH was primarily intended for Telnet-like command line interaction, it can also be used to set up a secure tunnel between two machines for any application. You can create a secure connection between two servers with the built-in port forwarding capability in SSH. For this to work, you must have SSH running on both ends of the connection. You can do with any service on any port with the following statement issued on the client end. ssh -L local_port : local_host : remote_port remote_hostname –N & where you replace: • local_port with a random high number port chosen by you to make the new encrypted connection • local_host with your local machine • remote_port with the port of the service you want to tunnel on the remote end • remote_hostname with the IP address or host name of the server on the other end of the connection The -L option tells SSH to listen on the local_port on local_host and forward any connections to the remote_port on the remote_host . The -N option tells SSH not to try to log in, just to keep the connection open for forwarded traffic. The & runs the task in the background, so it will run as a system process and you can do other things on the machine. If the machine is rebooted, you will have to enter the command again unless you put it in the start-up script. Using this method, you do not need a login on the remote end to establish the encrypted connection to the remote server. You will need appropriate credentials for any- thing you want to do over the forwarded port if they are required. The following are two examples to show how this works. Example 1: Creating an Encrypted E-mail Connection with OpenSSH Nor- mally, e-mail is sent over port 25 unencrypted. Let’s say you want to encrypt this connec- tion instead. The way to do this is to use SSH to set up an encrypted tunnel for any traffic Howlett_CH09.fm Page 304 Thursday, June 24, 2004 11:12 PM Virtual Private Networks 305 bound for port 25 traffic on your mail server. Using the above format and assuming your mail server has IP address 192.168.1.2, the correct command would be: ssh –L 5000:localhost:25 192.168.1.2 –N & This sets up port 5000 on your local machine as the port that would tunnel the mail port (25) to your remote mail server. So if you set up your mail client to connect to local- host:5000 instead of the default mail port, SSH will automatically forward the traffic to port 25 on your mail server using SSH to encrypt it. Now, you can receive and send mail to this machine without worry of having your mail read off of the wire. Example 2: Creating a Secure Web Connection What if you want to connect your Web server for a secure transaction? If the server wasn’t set up to do SSL, you could still use SSH to securely tunnel your Web traffic to the server. If your Web server is located at 192.168.1.3, the command string looks like this: ssh –L 5000:localhost:80 192.168.1.3 –N & Now you can connect by entering localhost:5000 in your Web browser, and you will actually be forwarded via a secure tunnel to port (80) on the remote machine. You can port forward several different ports on the same machine. For example: ssh –L 5000:localhost:5000:25 –L 5001:localhost:80 192.168.1.2 –N & will forward all traffic on port 5000 locally to the mail port on 192.168.1.2, and all traffic to port 5001 to port 80 on the remote machine. Of course, this example assumes you have a mail account on the remote server. As you can see, SSH works great for creating a secure connection between two machines for just about any protocol. However, what if you want to encrypt all traffic, regardless of what port or service? In this case, setting up a virtual private network makes more sense. Virtual Private Networks Companies used to create private networks using expensive point-to-point data lines from the phone company to keep their information safe. These lines cost thousands of dollars per month per location and linked only two sites at a time. Companies often ended up with a spider web of expensive communication lines connecting their sites. With the advent of the commercial Internet, people immediately saw its potential for interoffice communica- tions. Unfortunately, the open nature of the Internet presented a major security risk. This is where encryption came to the rescue. By using encryption technology, companies can cre- ate a Virtual Private Network (VPN) and harness the low-cost Internet for their corporate communications, safely and securely. Their data is encapsulated in a “tunnel” of encryp- tion, so any parties intercepting the packets in between cannot recover any usable data. Howlett_CH09.fm Page 305 Thursday, June 24, 2004 11:12 PM 306 Chapter 9 • Encryption Tools There are many vendors selling dedicated hardware devices to do virtual public net- works. However, there is an open source solution that will let you set up your own VPN with nothing more than a couple of extra PCs. The FreeS/WAN project is sponsored and managed by John Gilmore. John is a leg- endary name in coder and net-libertarian circles. He is one of the founders of the Elec- tronic Freedom Foundation, which was an early proponent of free strong encryption. After making his fortune in several Silicon Valley start-ups, most notably Sun Microsystems, he now dedicates his time to various projects, many of them open source software–related. The FreeS/WAN project started as an effort to have everyone encrypting his or her communications. While it hasn’t quite had this effect yet, it does offer users of Linux a cost-effective way to set up a VPN. It also allows you to connect to other devices using IPsec, since the IPsec protocol is a widespread standard. Some vendors may not stick pre- cisely to the standard, so your results may vary when using other equipment or software for one of the ends. Check the FreeS/WAN Web site for a list of compatibility with other vendor’s implementations. FreeS/WAN: Open Source IPsec VPN Software FreeS/WAN Author/primary contact: John Gilmore Web site: www.freeswan.org/ Platforms: Most Linux License: GPL Version reviewed: 2.02 Mailing lists: Announce Read-only, for major announcements. Briefs Summary of activity on other lists. Users The main list for user questions and discussion. Users-moderated A moderated less-trafficked version of the above. Design Discussion by developers only. Distros Linux Distribution Maintainers Forum. Bugs To report any bugs found in FreeS/WAN. For instructions on subscribing to any of the above lists, see www.freeswan.org/mail.html. Posts from an older list are currently archived at www.sandelman.ottawa. 33on.ca/linux-ipsec/. Howlett_CH09.fm Page 306 Thursday, June 24, 2004 11:12 PM Virtual Private Networks 307 Using IPsec, everything is encrypted at the IP level, regardless of the application or port. This is what makes IPsec the most popular system for creating secure communica- tions. FreeS/WAN also can use what is called opportunistic encryption , which means it will use encryption to communicate with hosts that support IPsec, and will use regular IP communications for those that don’t. So if you run FreeS/WAN on your firewall box, you can have an automatic VPN to sites running IPsec and still interoperate with other sites that don’t. You need two machines to act as your gateways. To use FreeS/WAN, these machines must be UNIX boxes, preferably Linux. If you want to set up an IPsec connection between Windows systems, you can use the built-in IPsec support (Windows 2000 and later) and don’t need FreeS/WAN. Supposedly, the newest Linux kernel is going to have IPsec inte- grated into it. But even when it does, FreeS/WAN will still have an application for commu- nicating with older versions and using the opportunistic encryption feature. The FreeS/ WAN team is also working on interoperability with the upcoming Linux kernel IPsec support. Installing and Starting FreeS/WAN FreeS/WAN comes preinstalled on many Linux distributions. To see if you have FreeS/ WAN installed, type ipsec verify at the command line. If you get a “file not found” response, then you don’t have it preloaded. Even if you don’t have the RPMs, you can get the source code from the book’s CD-ROM or you can download the latest version to take advantage of the latest cryptographic protocols and features. Follow these instructions to compile FreeS/WAN from source code. 1. Download the latest package from the Web site and unzip it, or copy the file from the CD-ROM. 2. Run the following commands as root from the FreeS/WAN directory to compile and install the package: Make oldmod Make minstall 3. Once FreeS/WAN is installed, you need to reboot your system for the changes to take effect. 4. When your system comes back up, use the verify ipsec at the command line to check your install. You should see a message something like this: Checking your system to see if IPsec got installed and started correctly Version check and ipsec on-path [OK] Checking for KLIPS support in kernel [OK] Checking for RSA private key (/etc/ipsec.secrets) [OK] Checking that pluto is running [OK] Howlett_CH09.fm Page 307 Thursday, June 24, 2004 11:12 PM 308 Chapter 9 • Encryption Tools 5. If you see this, you can start the IPsec service using this command: service start ipsec The IPsec service runs in the background. You are now ready to initiate IPsec sessions. Using FreeS/WAN There are several ways to use FreeS/WAN. One is for a gateway-to-gateway permanent connection, which is called peer-to-peer mode. This mode is appropriate if you have two offices wanting to communicate securely over the Internet. The second method is called road warrior mode, where you have remote users wanting to connect securely to your LAN. Finally, you can operate in Opportunistic Encryption (OE) mode, in which it con- nects with encryption to any hosts or gateways that are capable of it. The following proce- dures describe how to set up each one. Peer-to-Peer Mode FreeS/WAN uses the names Right and Left to refer to the two machines you are connecting via IPsec. This doesn’t have anything to do with direction or location; it just makes it easier to refer to the different sides of the IPsec connection. Just pick one to be your Left machine and one to be your Right machine. 1. First, get on one machine that you are going to call the Right machine. Type the following command to get its public key: ipsec showhostkey right FreeS/WAN shows you some information about the IPsec on that machine, includ- ing its public key. After the equals sign will be a long list of seemingly random digits. This is the key. Copy this number down or use the copy function in your text editor. 2. Now get the public key from the Left machine by using the same command, except use the left switch in the command. 3. Go to /etc/freeswan and edit the file ipsec.conf (some distributions may store this file in /etc). Table 9.2 lists and describes the parameters you need to set in the conn net-to-net section. 4. Leave the rest of the settings as is and save the file. 5. Copy this file onto the other machine in the same place. 6. Use the verify ipsec command described earlier to be sure that the IPsec ser- vice is running on both machines 7. To start up the IPsec connection, type: ipsec auto up net-to-net You should see the message IPsec SA established . If you don’t, check your settings or consult the man pages for troubleshooting information. Howlett_CH09.fm Page 308 Thursday, June 24, 2004 11:12 PM . The key fingerprint is :f 6:4 1:9 9:d8:a5:d1:fb:e 7:9 3:8 6:7 e:e 6:4 f:01:d 9:5 b Howlett_CH09.fm Page 303 Thursday, June 24, 2004 1 1:1 2 PM 304 Chapter 9 • Encryption Tools The fingerprint provides a unique. discussed next. OpenSSH: A Free Suite of Session Encryption Tools OpenSSH (Server) Author/primary contact: Tatu Ylönen (original author) and others Web site: www.openssh.org Platforms: BSD, Linux,. example: ssh –L 5000:localhost:500 0:2 5 –L 5001:localhost:80 192.168.1.2 –N & will forward all traffic on port 5000 locally to the mail port on 192.168.1.2, and all traffic to port 5001 to port