A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned.
The potentially vulnerable repositories include those of music streaming service Spotify, the Russian Internet company Yandex, the U.K. government and the Django Web application framework.
Earlier this year, researcher Ben Cox collected the public SSH (Secure Shell) keys of users with access to GitHub-hosted repositories by using one of the platform's features. After an analysis, he found that the corresponding private keys could be easily recovered for many of them.
The SSH protocol uses public-key cryptography, which means that authenticating users and encrypting their connections requires a private-public key pair. The server configured to accept SSH connections from users needs to know their respective public keys and the users need to have the corresponding private keys.
If a strong algorithm and a sufficiently large key size is used, it shouldn't be possible to recover a private key from a public key. However, that wasn't what Cox found for a "very large" number of GitHub users, some of whom had SSH access to some large and popular software projects.
The researcher collected 1,376,262 public SSH keys from GitHub and determined that 97.7 percent of them used the RSA algorithm. For RSA, the currently recommended size is 2048 bits, while the strength of 1024-bit keys is debatable and they are in the process of being deprecated.
Cox determined that 93.9 percent of the RSA-based public SSH keys he found on GitHub had 2048 bits, and around four percent had 1024 bits. He found 2 keys that had only 256 bits and 7 that had 512 bits, which would have been easy to break.
However, those small-sized keys were not the biggest problem. He found many other keys that were weak because of a bug in the OpenSSL package distributed with Debian Linux that was identified and patched in May 2008.
The bug was introduced in September 2006 and affected the source of randomness used by the random number generator when generating keys. Because of the flaw, any SSH and SSL keys created on Debian during that 20-month period had only 32,767 possibilities for every CPU architecture, key size, and key type.
Because it was easy for attackers to exploit this situation and break into systems using legitimate user accounts, the Debian developers and the security research community advised everyone who was possibly affected at the time to regenerate their keys.
However, it seems that a lot of people didn't listen and those weak keys are still used today, which is what Cox found when he compared the keys he gathered from GitHub to a key blacklist based on the Debian bug.
Sign up for Computerworld eNewsletters.