db3l wrote:
If the question is about your public key, there's no risk of exposure - those are expected to be exposed. However, if you're talking about a compromise of the private key, then sure, if you believe your guest itself and its filesystem data may have been compromised (which for me at least the Linode announcement isn't strong enough to encourage believing to be a likely possibility) and you have private keys there, you may wish to re-generate the key pairs. And then of course update anyone who had your old public key.
If I understand your scenario correctly it involves getting into the Linode Manager (which doesn't have two factor but perhaps you meant a failure of whitelisting?), then using LISH to access your console, cracking an account on your Linode to log in(*), and from there compromising your locally stored private keys. Theoretically possible? Sure. But probably unlikely, at least at this point.
You nailed it, and sorry for my confusion which undoubtedly comes from being an amateur and not having a good enough understanding of these things. First, yes, I meant the IP whitelisting function of Linode Manager, and I shouldn't have used the term "two-factor." For the sake of discussion, host/server=Linode and local/client=my local computer which I use to login via SSH to the host. The potentially compromised key I was referring to indeed is the public key that's stored on the Linode under /home/user/.ssh/authorized_keys. I forgot that the private, passphrase-protected key on my local computer that pairs up with what's on the Linode is different from the public key.
I have a basic understanding of how key pairs can be used to encrypt email by giving other people your public key while you retain the private key. The email example makes it easy for me to understand how it's ok to give people a public key. However, my confusion comes from conceptually not understanding how a login is handled with the server having a public key and the client having the private key. Therefore, I didn't know if someone gaining access to this public key stored on the Linode--which I don't believe is routinely shared by the server--was risky.
I appreciate your patience, and I hope I've gotten things right in terms of the terminology. If not, I'm sorry; I'm going to find some reading materials about my question regarding how logins are handled with the key pair right now.
Edit:
For anyone who's still learning like me, I think this explanation from
ArchWiki is easy to understand:
Quote:
When an SSH server has your public key on file and sees you requesting a connection, it uses your public key to construct and send you a challenge. This challenge is like a coded message and it must be met with the appropriate response before the server will grant you access. What makes this coded message particularly secure is that it can only be understood by someone with the private key. While the public key can be used to encrypt the message, it cannot be used to decrypt that very same message. Only you, the holder of the private key, will be able to correctly understand the challenge and produce the correct response.
FAQ
Search
Members
Register
Login [ Anonymous ]
